CVE-2019-19411

Опубликовано: 21 янв. 2020

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-firewall-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-firewall-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc100:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc200:*:*:*:*:*:*:*

cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02952

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-665

Связанные уязвимости

GHSA-v34h-3hv8-mwm9

github

больше 3 лет назад