Huawei AR120-S Firmware V200R008C50

CPE Details

Huawei AR120-S Firmware V200R008C50
huawei
ar120-s_firmware
v200r008c50
2020-01-05
14h21 +00:00
2020-01-05
14h21 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:huawei:ar120-s_firmware:v200r008c50:*:*:*:*:*:*:*

Informations

Vendor

huawei

Product

ar120-s_firmware

Version

v200r008c50

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-5304 2020-01-03 13h33 +00:00 Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
7.5
High
CVE-2019-5259 2019-12-16 20h43 +00:00 There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition.
6.5
Medium
CVE-2019-5291 2019-12-13 13h35 +00:00 Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.
5.9
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.