cnvd - cnvd-2020-02965

CNVD-2020-02965

Vulnerability from cnvd - Published: 2020-01-20

Title

多款Huawei产品数据伪造问题漏洞

Description

Huawei AR1200等都是中国华为（Huawei）公司的一款企业路由器。多款Huawei产品中存在数据伪造问题漏洞，该漏洞源于程序未能充分的对报文中的部分字段进行校验，攻击者可通过截取两台设备间的报文利用该漏洞导致设备异常。

Severity

中

Patch Name

多款Huawei产品数据伪造问题漏洞的补丁

Patch Description

Huawei AR1200等都是中国华为（Huawei）公司的一款企业路由器。多款Huawei产品中存在数据伪造问题漏洞，该漏洞源于程序未能充分的对报文中的部分字段进行校验，攻击者可通过截取两台设备间的报文利用该漏洞导致设备异常。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-01-validation-cn

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-5291

Impacted products

Name
['Huawei AR3200 V200R007C00', 'Huawei AR3200 V200R005C20', 'Huawei AR3200 V200R006C10', 'Huawei AR120-S V200R006C10', 'Huawei AR120-S V200R007C00', 'Huawei AR1200 V200R006C10', 'Huawei AR1200 V200R007C00', 'Huawei AR1200-S V200R006C10', 'Huawei AR1200-S V200R007C00', 'Huawei AR150 V200R006C10', 'Huawei AR150 V200R007C00', 'Huawei AR150-S V200R006C10', 'Huawei AR150-S V200R007C00', 'Huawei AR160 V200R006C10', 'Huawei AR160 V200R007C00', 'Huawei AR200 V200R006C10', 'Huawei AR200 V200R007C00', 'Huawei AR200-S V200R006C10', 'Huawei AR200-S V200R007C00', 'Huawei AR2200 V200R006C10', 'Huawei AR2200 V200R007C00', 'Huawei NetEngine16EX V200R006C10', 'Huawei NetEngine16EX V200R007C00', 'Huawei SRG1300 V200R006C10', 'Huawei SRG1300 V200R007C00', 'Huawei SRG2300 V200R006C10', 'Huawei SRG2300 V200R007C00', 'Huawei SRG3300 V200R006C10', 'Huawei SRG3300 V200R007C00', 'Huawei AR2200-S V200R006C10', 'Huawei AR2200-S V200R007C00', 'Huawei AR3600 V200R006C10', 'Huawei AR3600 V200R007C00', 'Huawei S6700 V200R008C00', 'Huawei AR2200-S V200R005C20', 'Huawei AR2200 V200R005C20', 'Huawei AR120-S V200R005C20', 'Huawei AR1200-S V200R005C20', 'Huawei AR150 V200R005C20', 'Huawei AR150-S V200R005C20', 'Huawei AR160 V200R005C20', 'Huawei AR200 V200R005C20', 'Huawei AR200-S V200R005C20', 'Huawei NetEngine16EX V200R005C20', 'Huawei SRG1300 V200R005C20', 'Huawei SRG2300 V200R005C20', 'Huawei SRG3300 V200R005C20', 'Huawei AR3600 V200R008C50', 'Huawei AR120-S V200R008C50', 'Huawei AR1200 V200R005C00', 'Huawei AR1200 V200R008C50', 'Huawei AR1200-S V200R008C50', 'Huawei AR150 V200R008C50', 'Huawei AR150-S V200R008C50', 'Huawei AR160 V200R008C50', 'Huawei AR200 V200R008C50', 'Huawei AR200-S V200R008C50', 'Huawei AR2200 V200R008C50', 'Huawei AR2200-S V200R008C50', 'Huawei AR3200 V200R008C50', 'Huawei CloudEngine 12800 V200R002C10', 'Huawei CloudEngine 12800 V200R002C20', 'Huawei NetEngine16EX V200R008C50', 'Huawei S6700 V200R010C00SPC300', 'Huawei S6700 V200R010C00SPC600', 'Huawei S6700 V200R011C00SPC200', 'Huawei SRG1300 V200R008C50', 'Huawei SRG2300 V200R008C50', 'Huawei SRG3300 V200R008C50']

Name

['Huawei AR3200 V200R007C00', 'Huawei AR3200 V200R005C20', 'Huawei AR3200 V200R006C10', 'Huawei AR120-S V200R006C10', 'Huawei AR120-S V200R007C00', 'Huawei AR1200 V200R006C10', 'Huawei AR1200 V200R007C00', 'Huawei AR1200-S V200R006C10', 'Huawei AR1200-S V200R007C00', 'Huawei AR150 V200R006C10', 'Huawei AR150 V200R007C00', 'Huawei AR150-S V200R006C10', 'Huawei AR150-S V200R007C00', 'Huawei AR160 V200R006C10', 'Huawei AR160 V200R007C00', 'Huawei AR200 V200R006C10', 'Huawei AR200 V200R007C00', 'Huawei AR200-S V200R006C10', 'Huawei AR200-S V200R007C00', 'Huawei AR2200 V200R006C10', 'Huawei AR2200 V200R007C00', 'Huawei NetEngine16EX V200R006C10', 'Huawei NetEngine16EX V200R007C00', 'Huawei SRG1300 V200R006C10', 'Huawei SRG1300 V200R007C00', 'Huawei SRG2300 V200R006C10', 'Huawei SRG2300 V200R007C00', 'Huawei SRG3300 V200R006C10', 'Huawei SRG3300 V200R007C00', 'Huawei AR2200-S V200R006C10', 'Huawei AR2200-S V200R007C00', 'Huawei AR3600 V200R006C10', 'Huawei AR3600 V200R007C00', 'Huawei S6700 V200R008C00', 'Huawei AR2200-S V200R005C20', 'Huawei AR2200 V200R005C20', 'Huawei AR120-S V200R005C20', 'Huawei AR1200-S V200R005C20', 'Huawei AR150 V200R005C20', 'Huawei AR150-S V200R005C20', 'Huawei AR160 V200R005C20', 'Huawei AR200 V200R005C20', 'Huawei AR200-S V200R005C20', 'Huawei NetEngine16EX V200R005C20', 'Huawei SRG1300 V200R005C20', 'Huawei SRG2300 V200R005C20', 'Huawei SRG3300 V200R005C20', 'Huawei AR3600 V200R008C50', 'Huawei AR120-S V200R008C50', 'Huawei AR1200 V200R005C00', 'Huawei AR1200 V200R008C50', 'Huawei AR1200-S V200R008C50', 'Huawei AR150 V200R008C50', 'Huawei AR150-S V200R008C50', 'Huawei AR160 V200R008C50', 'Huawei AR200 V200R008C50', 'Huawei AR200-S V200R008C50', 'Huawei AR2200 V200R008C50', 'Huawei AR2200-S V200R008C50', 'Huawei AR3200 V200R008C50', 'Huawei CloudEngine 12800 V200R002C10', 'Huawei CloudEngine 12800 V200R002C20', 'Huawei NetEngine16EX V200R008C50', 'Huawei S6700 V200R010C00SPC300', 'Huawei S6700 V200R010C00SPC600', 'Huawei S6700 V200R011C00SPC200', 'Huawei SRG1300 V200R008C50', 'Huawei SRG2300 V200R008C50', 'Huawei SRG3300 V200R008C50']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-5291",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-5291"
    }
  },
  "description": "Huawei AR1200\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1a\u8def\u7531\u5668\u3002\n\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u5bf9\u62a5\u6587\u4e2d\u7684\u90e8\u5206\u5b57\u6bb5\u8fdb\u884c\u6821\u9a8c\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u622a\u53d6\u4e24\u53f0\u8bbe\u5907\u95f4\u7684\u62a5\u6587\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8bbe\u5907\u5f02\u5e38\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-01-validation-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-02965",
  "openTime": "2020-01-20",
  "patchDescription": "Huawei AR1200\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1a\u8def\u7531\u5668\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u5bf9\u62a5\u6587\u4e2d\u7684\u90e8\u5206\u5b57\u6bb5\u8fdb\u884c\u6821\u9a8c\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u622a\u53d6\u4e24\u53f0\u8bbe\u5907\u95f4\u7684\u62a5\u6587\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8bbe\u5907\u5f02\u5e38\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei AR3200 V200R007C00",
      "Huawei AR3200 V200R005C20",
      "Huawei AR3200 V200R006C10",
      "Huawei AR120-S V200R006C10",
      "Huawei AR120-S V200R007C00",
      "Huawei AR1200 V200R006C10",
      "Huawei AR1200 V200R007C00",
      "Huawei AR1200-S V200R006C10",
      "Huawei AR1200-S V200R007C00",
      "Huawei AR150 V200R006C10",
      "Huawei AR150 V200R007C00",
      "Huawei AR150-S V200R006C10",
      "Huawei AR150-S V200R007C00",
      "Huawei AR160 V200R006C10",
      "Huawei AR160 V200R007C00",
      "Huawei AR200 V200R006C10",
      "Huawei AR200 V200R007C00",
      "Huawei AR200-S V200R006C10",
      "Huawei AR200-S V200R007C00",
      "Huawei AR2200 V200R006C10",
      "Huawei AR2200 V200R007C00",
      "Huawei NetEngine16EX V200R006C10",
      "Huawei NetEngine16EX V200R007C00",
      "Huawei SRG1300 V200R006C10",
      "Huawei SRG1300 V200R007C00",
      "Huawei SRG2300 V200R006C10",
      "Huawei SRG2300 V200R007C00",
      "Huawei SRG3300 V200R006C10",
      "Huawei SRG3300 V200R007C00",
      "Huawei AR2200-S V200R006C10",
      "Huawei AR2200-S V200R007C00",
      "Huawei AR3600 V200R006C10",
      "Huawei AR3600 V200R007C00",
      "Huawei S6700 V200R008C00",
      "Huawei AR2200-S V200R005C20",
      "Huawei AR2200 V200R005C20",
      "Huawei AR120-S V200R005C20",
      "Huawei AR1200-S V200R005C20",
      "Huawei AR150 V200R005C20",
      "Huawei AR150-S V200R005C20",
      "Huawei AR160 V200R005C20",
      "Huawei AR200 V200R005C20",
      "Huawei AR200-S V200R005C20",
      "Huawei NetEngine16EX V200R005C20",
      "Huawei SRG1300 V200R005C20",
      "Huawei SRG2300 V200R005C20",
      "Huawei SRG3300 V200R005C20",
      "Huawei AR3600 V200R008C50",
      "Huawei AR120-S V200R008C50",
      "Huawei AR1200 V200R005C00",
      "Huawei AR1200 V200R008C50",
      "Huawei AR1200-S V200R008C50",
      "Huawei AR150 V200R008C50",
      "Huawei AR150-S V200R008C50",
      "Huawei AR160 V200R008C50",
      "Huawei AR200 V200R008C50",
      "Huawei AR200-S V200R008C50",
      "Huawei AR2200 V200R008C50",
      "Huawei AR2200-S V200R008C50",
      "Huawei AR3200 V200R008C50",
      "Huawei CloudEngine 12800 V200R002C10",
      "Huawei CloudEngine 12800 V200R002C20",
      "Huawei NetEngine16EX V200R008C50",
      "Huawei S6700 V200R010C00SPC300",
      "Huawei S6700 V200R010C00SPC600",
      "Huawei S6700 V200R011C00SPC200",
      "Huawei SRG1300 V200R008C50",
      "Huawei SRG2300 V200R008C50",
      "Huawei SRG3300 V200R008C50"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-5291",
  "serverity": "\u4e2d",
  "submitTime": "2019-12-06",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2019-5291 (GCVE-0-2019-5291)

Vulnerability from cvelistv5 – Published: 2019-12-13 14:35 – Updated: 2024-08-04 19:54

Summary

Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.

Severity ?

No CVSS data available.

CWE

Insufficient Verification

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;CloudEngine 12800;NetEngine16EX;S6700;SRG1300;SRG2300;SRG3300	Affected: V200R005C20 Affected: V200R006C10 Affected: V200R007C00 Affected: V200R008C50 Affected: V200R005C00 Affected: V200R002C10 Affected: V200R002C20 Affected: V200R008C00 Affected: V200R010C00SPC300 Affected: V200R010C00SPC600 Affected: V200R011C00SPC200

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:54:52.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;CloudEngine 12800;NetEngine16EX;S6700;SRG1300;SRG2300;SRG3300",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "V200R005C20"
            },
            {
              "status": "affected",
              "version": "V200R006C10"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R008C50"
            },
            {
              "status": "affected",
              "version": "V200R005C00"
            },
            {
              "status": "affected",
              "version": "V200R002C10"
            },
            {
              "status": "affected",
              "version": "V200R002C20"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00SPC300"
            },
            {
              "status": "affected",
              "version": "V200R010C00SPC600"
            },
            {
              "status": "affected",
              "version": "V200R011C00SPC200"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Insufficient Verification",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-13T14:35:50",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2019-5291",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;CloudEngine 12800;NetEngine16EX;S6700;SRG1300;SRG2300;SRG3300",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R005C20"
                          },
                          {
                            "version_value": "V200R006C10"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C50"
                          },
                          {
                            "version_value": "V200R005C00"
                          },
                          {
                            "version_value": "V200R002C10"
                          },
                          {
                            "version_value": "V200R002C20"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R010C00SPC300"
                          },
                          {
                            "version_value": "V200R010C00SPC600"
                          },
                          {
                            "version_value": "V200R011C00SPC200"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Insufficient Verification"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en",
              "refsource": "MISC",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2019-5291",
    "datePublished": "2019-12-13T14:35:50",
    "dateReserved": "2019-01-04T00:00:00",
    "dateUpdated": "2024-08-04T19:54:52.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-02965

CVE-2019-5291 (GCVE-0-2019-5291)

Tags

Sightings

Nomenclature