Huawei DBS3900 TDD LTE

CPE Details

Huawei DBS3900 TDD LTE
huawei
dbs3900_tdd_lte
-
2018-04-16
15h23 +00:00
2021-05-20
16h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*

Informations

Vendor

huawei

Product

dbs3900_tdd_lte

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-19414 2020-01-21 21h54 +00:00 There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
7.5
High
CVE-2019-19413 2020-01-21 21h54 +00:00 There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
7.5
High
CVE-2017-15326 2018-03-23 16h00 +00:00 DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage.
4.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.