Vulnerability Details CVE-2019-5291
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.9%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2019-5291
-
cpe:2.3:h:huawei:ar120-s:-
-
cpe:2.3:h:huawei:ar1200-s:-
-
cpe:2.3:h:huawei:ar1200:-
-
cpe:2.3:h:huawei:ar150-s:-
-
cpe:2.3:h:huawei:ar150:-
-
cpe:2.3:h:huawei:ar160:-
-
cpe:2.3:h:huawei:ar200-s:-
-
cpe:2.3:h:huawei:ar200:-
-
cpe:2.3:h:huawei:ar2200-s:-
-
cpe:2.3:h:huawei:ar2200:-
-
cpe:2.3:h:huawei:ar3200:-
-
cpe:2.3:h:huawei:ar3600:-
-
cpe:2.3:h:huawei:cloudengine_12800:-
-
cpe:2.3:h:huawei:netengine16ex:-
-
cpe:2.3:h:huawei:s6700:-
-
cpe:2.3:h:huawei:srg1300:-
-
cpe:2.3:h:huawei:srg2300:-
-
cpe:2.3:h:huawei:srg3300:-
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar1200_firmware:v200r005c00
-
cpe:2.3:o:huawei:ar1200_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar1200_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar1200_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar150-s_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar150-s_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar150_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar150_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar150_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar150_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar160_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar160_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar160_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar160_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar200-s_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar200-s_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar200_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar200_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar200_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar200_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar2200-s_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar2200_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar2200_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar2200_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar2200_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar3200_firmware:v200r005c20
-
cpe:2.3:o:huawei:ar3200_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar3200_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar3200_firmware:v200r008c50
-
cpe:2.3:o:huawei:ar3600_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar3600_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar3600_firmware:v200r008c50
-
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c10
-
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c20
-
cpe:2.3:o:huawei:netengine16ex_firmware:v200r005c20
-
cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10
-
cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00
-
cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c50
-
cpe:2.3:o:huawei:s6700_firmware:v200r008c00
-
cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300
-
cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600
-
cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc200
-
cpe:2.3:o:huawei:srg1300_firmware:v200r005c20
-
cpe:2.3:o:huawei:srg1300_firmware:v200r006c10
-
cpe:2.3:o:huawei:srg1300_firmware:v200r007c00
-
cpe:2.3:o:huawei:srg1300_firmware:v200r008c50
-
cpe:2.3:o:huawei:srg2300_firmware:v200r005c20
-
cpe:2.3:o:huawei:srg2300_firmware:v200r006c10
-
cpe:2.3:o:huawei:srg2300_firmware:v200r007c00
-
cpe:2.3:o:huawei:srg2300_firmware:v200r008c50
-
cpe:2.3:o:huawei:srg3300_firmware:v200r005c20
-
cpe:2.3:o:huawei:srg3300_firmware:v200r006c10
-
cpe:2.3:o:huawei:srg3300_firmware:v200r007c00
-
cpe:2.3:o:huawei:srg3300_firmware:v200r008c50