cvelistv5 - cve-2019-5300

CVE-2019-5300 (GCVE-0-2019-5300)

Vulnerability from cvelistv5

Published

2019-06-04 18:30

Modified

2024-08-04 19:54

Severity ?

CWE

digital signature verification bypass

Summary

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.

References

►

URL

Tags

	psirt@huawei.com	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en	Vendor Advisory

Impacted products

	Vendor	Product	Version
	Huawei	AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300	Version: AR1200 V200R008C50 Version: AR1200 V200R009C00 Version: AR1200 V200R010C00 Version: AR1200-S V200R007C00 Version: AR1200-S V200R008C20 Version: AR1200-S V200R008C50 Version: AR1200-S V200R009C00 Version: AR1200-S V200R010C00 Version: AR150 V200R007C00 Version: AR150 V200R008C20 Version: AR150 V200R008C50 Version: AR150 V200R009C00 Version: AR150 V200R010C00 Version: AR160 V200R007C00 Version: AR160 V200R008C20 Version: AR160 V200R008C50 Version: AR160 V200R009C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:54:52.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "AR1200 V200R008C50"
            },
            {
              "status": "affected",
              "version": "AR1200 V200R009C00"
            },
            {
              "status": "affected",
              "version": "AR1200 V200R010C00"
            },
            {
              "status": "affected",
              "version": "AR1200-S V200R007C00"
            },
            {
              "status": "affected",
              "version": "AR1200-S V200R008C20"
            },
            {
              "status": "affected",
              "version": "AR1200-S V200R008C50"
            },
            {
              "status": "affected",
              "version": "AR1200-S V200R009C00"
            },
            {
              "status": "affected",
              "version": "AR1200-S V200R010C00"
            },
            {
              "status": "affected",
              "version": "AR150 V200R007C00"
            },
            {
              "status": "affected",
              "version": "AR150 V200R008C20"
            },
            {
              "status": "affected",
              "version": "AR150 V200R008C50"
            },
            {
              "status": "affected",
              "version": "AR150 V200R009C00"
            },
            {
              "status": "affected",
              "version": "AR150 V200R010C00"
            },
            {
              "status": "affected",
              "version": "AR160 V200R007C00"
            },
            {
              "status": "affected",
              "version": "AR160 V200R008C20"
            },
            {
              "status": "affected",
              "version": "AR160 V200R008C50"
            },
            {
              "status": "affected",
              "version": "AR160 V200R009C00"
            }
          ]
        }
      ],
      "datePublic": "2019-03-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "digital signature verification bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-04T18:30:58",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2019-5300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "AR1200 V200R008C50"
                          },
                          {
                            "version_value": "AR1200 V200R009C00"
                          },
                          {
                            "version_value": "AR1200 V200R010C00"
                          },
                          {
                            "version_value": "AR1200-S V200R007C00"
                          },
                          {
                            "version_value": "AR1200-S V200R008C20"
                          },
                          {
                            "version_value": "AR1200-S V200R008C50"
                          },
                          {
                            "version_value": "AR1200-S V200R009C00"
                          },
                          {
                            "version_value": "AR1200-S V200R010C00"
                          },
                          {
                            "version_value": "AR150 V200R007C00"
                          },
                          {
                            "version_value": "AR150 V200R008C20"
                          },
                          {
                            "version_value": "AR150 V200R008C50"
                          },
                          {
                            "version_value": "AR150 V200R009C00"
                          },
                          {
                            "version_value": "AR150 V200R010C00"
                          },
                          {
                            "version_value": "AR160 V200R007C00"
                          },
                          {
                            "version_value": "AR160 V200R008C20"
                          },
                          {
                            "version_value": "AR160 V200R008C50"
                          },
                          {
                            "version_value": "AR160 V200R009C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "digital signature verification bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en",
              "refsource": "CONFIRM",
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2019-5300",
    "datePublished": "2019-06-04T18:30:58",
    "dateReserved": "2019-01-04T00:00:00",
    "dateUpdated": "2024-08-04T19:54:52.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-5300\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2019-06-04T19:29:00.633\",\"lastModified\":\"2024-11-21T04:44:42.073\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de firma digital en los routers Huawei AR1200, AR1200-S, AR150, AR160, AR20000, AR2200-S, AR3200, SRG1300, SRG2300 y SRG3300. La vulnerabilidad se debe a que el software afectado verifica incorrectamente las firmas digitales de la imagen del software en el dispositivo afectado. Un atacante local con alto privilegio puede aprovechar la vulnerabilidad para omitir las comprobaciones de integridad de las im\u00e1genes de software e instalar una imagen de software malintencionado en el dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64071E5-6ACD-4E51-9162-B0FF3DC08E07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C623D44E-463B-49A3-81F8-AD219E035B09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E27982-56E6-4A6F-9124-34C7420FDDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EB8B580-EF85-44FE-A7A1-455CD5A7BF85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3202830A-D5CF-411F-B94A-167576919F38\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar1200e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B8F6BA3-E2C0-410D-A5E5-6E95545E5467\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar1220c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC75BE34-DC7C-45F3-8F19-F703EF4D5982\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar1220ev:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"141A9CA7-59A5-4BA4-A7A7-C876A4426C00\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar1220evw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14DAC925-7F20-45B9-B753-B7F0EEE3C7F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D125153E-FE39-49A7-95AA-9482C78E7114\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF226F5B-7BF8-4475-8C0C-91E2E43C6E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200-s_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FE54D66-BE3A-492D-B381-4E63880D8088\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar1200-s_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6BF5574-175F-4438-A1D1-0EAA8280388B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar1220f-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B043BAD-75CD-4D7B-BA3C-118519B64A39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"455D7A4E-523E-40C8-958D-59D128F3E797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B64AE02-D345-4628-A086-7C63C255707C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar150_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"411499D2-DD34-4131-8310-0CCC351D28F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar150_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87F4819-180D-488B-B8D8-C10B5076F9AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar158evw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37D521BD-2D68-494F-ADF3-CA836A9860FE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A685289C-08B1-43D4-9970-84A7FC75E54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D609298-9ACE-4726-AD04-6765D8F2C374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar160_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07BC16A-C102-4B21-BF61-C7AE1452BA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar160_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75124BF8-A5FC-46BB-83CF-0C2B7CF92F1B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A206CEBA-27BF-4F73-9E16-DEC0B305BB9C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161ew:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ABF308C-9C4F-4C1E-ADD6-969CDF656BE9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE33C6C9-87F8-42DC-89B1-7C3F5CDFE32E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161f-dgp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19316A6-DDB7-4181-9373-30DDF532E203\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161fg-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4917007C-227B-4F1D-AA58-76487A00DF87\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161fgw-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB72AFF6-A296-497D-83D4-5C700FE9D635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161fv-1p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3AD4730-5311-4477-8E10-421BE84912F6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161fw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E39599B-F0F7-4BB8-9E02-91D470995EF5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161g-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99F89646-40DE-499F-9588-4FC7C13D1CCD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar161w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7EF0D65-C352-495A-8DD5-78AC66E8480C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar168f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0124D47-B343-45AD-A06F-9A186A499F84\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar168f-4p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"663A08C1-0F99-4050-A6DA-0081827283C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B2734E4-B511-4C70-9B5F-8DA0A9963E26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169egw-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCACD162-8331-47CF-9F77-F71221565AFA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169ew:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAAA155B-34BF-4F75-924D-FAB6601FCD46\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58721B8C-8A6F-4889-B3D1-6433AB485E40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169fgw-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA425686-6C6C-4ADB-AC8A-D7FE924E340E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169fvw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81601B04-7FC6-4776-9EBC-3C825DA1B7F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169fvw-8s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1772765A-EE39-4AC0-A6BA-B79AC5D93A8A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169g-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B739B694-237A-4AF2-8A0E-63F902DFB656\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169jfvw-2s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99BD1519-AF5F-460F-90D6-4FF9CB7CD9EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar169w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70E1AE34-BEDD-437A-B1F0-606AF4409893\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"622686BB-9302-449F-9351-75B189D1B184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"344D64D1-A9B3-4BFA-ACF3-B421ED427A9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1ED9DF8-A444-4684-932D-12B4B2F98736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar200_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C06FB07B-D74B-42A8-9CE7-CD3FC7217F11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar200_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0924BB8D-A8A8-4F0F-9CE7-198B399E0685\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF8E24FB-1DD4-4DD8-8221-129C30C65E45\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F377CE1E-77A7-447F-B692-A54682A26BB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6A7DDB3-4A2B-46A5-B952-F0FECF88373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5658BAA0-3FCC-4DCB-BDD1-42D00263B29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"158BF3D7-0195-4E73-A8A9-4536216C3CD0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2204-27ge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1CACBBC-327A-40A6-9DD1-49335B296238\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2204-27ge-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9079BB36-E42F-49D6-94D2-D9650A4C3E5C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2204-51ge-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E128F1C9-577C-4F4A-B98B-AB268F703DB2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2204e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A614397B-C24D-4D69-B84A-05FBBC6AFC23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2204xe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67725998-BDD7-4624-8A9F-6CC594293B14\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2220e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CC3FEDF-D877-400A-AE16-7EA1C82E042E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BD5CAC3-80C9-484D-B715-55FEC0543554\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2240c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C570769A-B882-4AB9-A6AC-381020A6BCA1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200s_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86D6EF09-27A6-493B-BDC6-D6C3AA7DB825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200s_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59E43441-15B2-4EE0-AB87-6004BA6DD6C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200s_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"078ED368-3950-49D1-BC31-523B83165EF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200s_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2639415-69D4-44E5-BDB5-28B3E09117A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar2200s_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F7032EF-10C2-4E24-96F7-DEC39F7A1363\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar2200s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6BC03A9-BBAE-4712-AC58-0338EB572EBA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9752658E-3CF5-4D9E-98FB-D15FD892479C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8D0F6C6-5A87-482B-8B2A-693AC7736CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD70804-3A07-4C82-806B-5F5CA075ABF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar3200_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73E5EE31-3D31-4C59-B2C1-B0BCF3294D9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ar3200_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A5BCC5C-CDFB-4B52-8E2D-E85BEC28FD2A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ar3260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3898C07-F3A3-4C40-95EE-C2F524C5EB31\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B319F31F-94D7-468F-8F71-96F40867AEA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D578E607-CF83-4121-8AF9-EF1DBE5FE42F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg1300_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65DEB87D-8F28-4AC6-9ADC-E13146011102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg1300_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B68CB9B0-C32C-4EC5-81D0-ED23DB6D8EC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:srg1320vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98B6177-EFAF-493E-B02B-AE6095A1452F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D10EBBF2-8F03-472C-96DB-C72E426E4E38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D672376C-4256-4CFB-A515-56E31A6706AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg2300_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8486420-C7CA-4296-A9B8-E4DDC1A23530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg2300_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EB2C78B-0736-4AA2-A283-AD4441D7EBEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:srg2320e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EAE9D3-6A9E-4E4F-9550-79EB303A5A83\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4619CF2C-AB5D-475A-ACF6-61EE02306F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43BAC724-4E88-4E3B-9F95-8086D68CADA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg3300_firmware:v200r009c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10511D02-503D-43AD-8306-FA1E9A52B8C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:srg3300_firmware:v200r010c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A05A3FA6-0B32-40A2-BCCE-4395B3DCB2DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:srg3340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CA1C39E-E679-4EF4-8BF4-D1B46DD614E9\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

ghsa-mhr8-vxv5-m5v8

Vulnerability from github

Published

2022-05-24 16:47

Modified

2024-04-04 00:51

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-5300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-04T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.",
  "id": "GHSA-mhr8-vxv5-m5v8",
  "modified": "2024-04-04T00:51:40Z",
  "published": "2022-05-24T16:47:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5300"
    },
    {
      "type": "WEB",
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2019-5300

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2019-5300

Aliases

CVE-2019-5300

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-5300",
    "description": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.",
    "id": "GSD-2019-5300"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-5300"
      ],
      "details": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.",
      "id": "GSD-2019-5300",
      "modified": "2023-12-13T01:23:55.118823Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2019-5300",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "AR1200 V200R008C50"
                        },
                        {
                          "version_value": "AR1200 V200R009C00"
                        },
                        {
                          "version_value": "AR1200 V200R010C00"
                        },
                        {
                          "version_value": "AR1200-S V200R007C00"
                        },
                        {
                          "version_value": "AR1200-S V200R008C20"
                        },
                        {
                          "version_value": "AR1200-S V200R008C50"
                        },
                        {
                          "version_value": "AR1200-S V200R009C00"
                        },
                        {
                          "version_value": "AR1200-S V200R010C00"
                        },
                        {
                          "version_value": "AR150 V200R007C00"
                        },
                        {
                          "version_value": "AR150 V200R008C20"
                        },
                        {
                          "version_value": "AR150 V200R008C50"
                        },
                        {
                          "version_value": "AR150 V200R009C00"
                        },
                        {
                          "version_value": "AR150 V200R010C00"
                        },
                        {
                          "version_value": "AR160 V200R007C00"
                        },
                        {
                          "version_value": "AR160 V200R008C20"
                        },
                        {
                          "version_value": "AR160 V200R008C50"
                        },
                        {
                          "version_value": "AR160 V200R009C00"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Huawei"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "digital signature verification bypass"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en",
            "refsource": "CONFIRM",
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar1200e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar1220ev:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar1220evw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar1220c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar1220f-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar150_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar150_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar158evw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar160_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar160_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161g-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161f-dgp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169fgw-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169ew:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169g-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161fw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161fg-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161fgw-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169egw-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169jfvw-2s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar168f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar168f-4p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169fvw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161fv-1p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar169fvw-8s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar161ew:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar200_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar200_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar201:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2204e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2220e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2204-27ge:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2204-27ge-p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2240c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2204-51ge-p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2204xe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200s_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200s_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar2200s_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar2200s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar3200_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ar3260:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg1300_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg1300_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:srg1320vw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg2300_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg2300_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:srg2320e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg3300_firmware:v200r009c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:srg3300_firmware:v200r010c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:srg3340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2019-5300"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-347"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-06-05T18:49Z",
      "publishedDate": "2019-06-04T19:29Z"
    }
  }
}

fkie_cve-2019-5300

Vulnerability from fkie_nvd

Published

2019-06-04 19:29

Modified

2024-11-21 04:44

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

▶	URL	Tags
	psirt@huawei.com	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	ar1200_firmware	v200r007c00
huawei	ar1200_firmware	v200r008c20
huawei	ar1200_firmware	v200r008c50
huawei	ar1200_firmware	v200r009c00
huawei	ar1200_firmware	v200r010c00
huawei	ar1200e	-
huawei	ar1220c	-
huawei	ar1220ev	-
huawei	ar1220evw	-
huawei	ar1200-s_firmware	v200r007c00
huawei	ar1200-s_firmware	v200r008c20
huawei	ar1200-s_firmware	v200r008c50
huawei	ar1200-s_firmware	v200r009c00
huawei	ar1200-s_firmware	v200r010c00
huawei	ar1220f-s	-
huawei	ar150_firmware	v200r007c00
huawei	ar150_firmware	v200r008c20
huawei	ar150_firmware	v200r008c50
huawei	ar150_firmware	v200r009c00
huawei	ar150_firmware	v200r010c00
huawei	ar158evw	-
huawei	ar160_firmware	v200r007c00
huawei	ar160_firmware	v200r008c20
huawei	ar160_firmware	v200r008c50
huawei	ar160_firmware	v200r009c00
huawei	ar160_firmware	v200r010c00
huawei	ar161	-
huawei	ar161ew	-
huawei	ar161f	-
huawei	ar161f-dgp	-
huawei	ar161fg-l	-
huawei	ar161fgw-l	-
huawei	ar161fv-1p	-
huawei	ar161fw	-
huawei	ar161g-l	-
huawei	ar161w	-
huawei	ar168f	-
huawei	ar168f-4p	-
huawei	ar169	-
huawei	ar169egw-l	-
huawei	ar169ew	-
huawei	ar169f	-
huawei	ar169fgw-l	-
huawei	ar169fvw	-
huawei	ar169fvw-8s	-
huawei	ar169g-l	-
huawei	ar169jfvw-2s	-
huawei	ar169w	-
huawei	ar200_firmware	v200r007c00
huawei	ar200_firmware	v200r008c20
huawei	ar200_firmware	v200r008c50
huawei	ar200_firmware	v200r009c00
huawei	ar200_firmware	v200r010c00
huawei	ar201	-
huawei	ar2200_firmware	v200r007c00
huawei	ar2200_firmware	v200r008c20
huawei	ar2200_firmware	v200r008c50
huawei	ar2200_firmware	v200r009c00
huawei	ar2200_firmware	v200r010c00
huawei	ar2204-27ge	-
huawei	ar2204-27ge-p	-
huawei	ar2204-51ge-p	-
huawei	ar2204e	-
huawei	ar2204xe	-
huawei	ar2220e	-
huawei	ar2240	-
huawei	ar2240c	-
huawei	ar2200s_firmware	v200r007c00
huawei	ar2200s_firmware	v200r008c20
huawei	ar2200s_firmware	v200r008c50
huawei	ar2200s_firmware	v200r009c00
huawei	ar2200s_firmware	v200r010c00
huawei	ar2200s	-
huawei	ar3200_firmware	v200r007c00
huawei	ar3200_firmware	v200r008c20
huawei	ar3200_firmware	v200r008c50
huawei	ar3200_firmware	v200r009c00
huawei	ar3200_firmware	v200r010c00
huawei	ar3260	-
huawei	srg1300_firmware	v200r007c00
huawei	srg1300_firmware	v200r008c50
huawei	srg1300_firmware	v200r009c00
huawei	srg1300_firmware	v200r010c00
huawei	srg1320vw	-
huawei	srg2300_firmware	v200r007c00
huawei	srg2300_firmware	v200r008c50
huawei	srg2300_firmware	v200r009c00
huawei	srg2300_firmware	v200r010c00
huawei	srg2320e	-
huawei	srg3300_firmware	v200r007c00
huawei	srg3300_firmware	v200r008c50
huawei	srg3300_firmware	v200r009c00
huawei	srg3300_firmware	v200r010c00
huawei	srg3340	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C623D44E-463B-49A3-81F8-AD219E035B09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "75E27982-56E6-4A6F-9124-34C7420FDDE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EB8B580-EF85-44FE-A7A1-455CD5A7BF85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202830A-D5CF-411F-B94A-167576919F38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar1200e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B8F6BA3-E2C0-410D-A5E5-6E95545E5467",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar1220c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC75BE34-DC7C-45F3-8F19-F703EF4D5982",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar1220ev:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "141A9CA7-59A5-4BA4-A7A7-C876A4426C00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar1220evw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14DAC925-7F20-45B9-B753-B7F0EEE3C7F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF226F5B-7BF8-4475-8C0C-91E2E43C6E53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE54D66-BE3A-492D-B381-4E63880D8088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6BF5574-175F-4438-A1D1-0EAA8280388B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar1220f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B043BAD-75CD-4D7B-BA3C-118519B64A39",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B64AE02-D345-4628-A086-7C63C255707C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "411499D2-DD34-4131-8310-0CCC351D28F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87F4819-180D-488B-B8D8-C10B5076F9AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar158evw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D521BD-2D68-494F-ADF3-CA836A9860FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A685289C-08B1-43D4-9970-84A7FC75E54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D609298-9ACE-4726-AD04-6765D8F2C374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A07BC16A-C102-4B21-BF61-C7AE1452BA3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "75124BF8-A5FC-46BB-83CF-0C2B7CF92F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar161:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A206CEBA-27BF-4F73-9E16-DEC0B305BB9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161ew:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ABF308C-9C4F-4C1E-ADD6-969CDF656BE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33C6C9-87F8-42DC-89B1-7C3F5CDFE32E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161f-dgp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B19316A6-DDB7-4181-9373-30DDF532E203",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161fg-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4917007C-227B-4F1D-AA58-76487A00DF87",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161fgw-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB72AFF6-A296-497D-83D4-5C700FE9D635",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161fv-1p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AD4730-5311-4477-8E10-421BE84912F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161fw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E39599B-F0F7-4BB8-9E02-91D470995EF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161g-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F89646-40DE-499F-9588-4FC7C13D1CCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar161w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7EF0D65-C352-495A-8DD5-78AC66E8480C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar168f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0124D47-B343-45AD-A06F-9A186A499F84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar168f-4p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "663A08C1-0F99-4050-A6DA-0081827283C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2734E4-B511-4C70-9B5F-8DA0A9963E26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169egw-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCACD162-8331-47CF-9F77-F71221565AFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169ew:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAAA155B-34BF-4F75-924D-FAB6601FCD46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58721B8C-8A6F-4889-B3D1-6433AB485E40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169fgw-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA425686-6C6C-4ADB-AC8A-D7FE924E340E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169fvw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81601B04-7FC6-4776-9EBC-3C825DA1B7F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169fvw-8s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1772765A-EE39-4AC0-A6BA-B79AC5D93A8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169g-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B739B694-237A-4AF2-8A0E-63F902DFB656",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169jfvw-2s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99BD1519-AF5F-460F-90D6-4FF9CB7CD9EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar169w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E1AE34-BEDD-437A-B1F0-606AF4409893",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "344D64D1-A9B3-4BFA-ACF3-B421ED427A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1ED9DF8-A444-4684-932D-12B4B2F98736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06FB07B-D74B-42A8-9CE7-CD3FC7217F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "0924BB8D-A8A8-4F0F-9CE7-198B399E0685",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8E24FB-1DD4-4DD8-8221-129C30C65E45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A7DDB3-4A2B-46A5-B952-F0FECF88373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5658BAA0-3FCC-4DCB-BDD1-42D00263B29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "158BF3D7-0195-4E73-A8A9-4536216C3CD0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar2204-27ge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1CACBBC-327A-40A6-9DD1-49335B296238",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2204-27ge-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9079BB36-E42F-49D6-94D2-D9650A4C3E5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2204-51ge-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E128F1C9-577C-4F4A-B98B-AB268F703DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2204e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A614397B-C24D-4D69-B84A-05FBBC6AFC23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2204xe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67725998-BDD7-4624-8A9F-6CC594293B14",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2220e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC3FEDF-D877-400A-AE16-7EA1C82E042E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD5CAC3-80C9-484D-B715-55FEC0543554",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar2240c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C570769A-B882-4AB9-A6AC-381020A6BCA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D6EF09-27A6-493B-BDC6-D6C3AA7DB825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "59E43441-15B2-4EE0-AB87-6004BA6DD6C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "078ED368-3950-49D1-BC31-523B83165EF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2639415-69D4-44E5-BDB5-28B3E09117A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F7032EF-10C2-4E24-96F7-DEC39F7A1363",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar2200s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BC03A9-BBAE-4712-AC58-0338EB572EBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D0F6C6-5A87-482B-8B2A-693AC7736CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD70804-3A07-4C82-806B-5F5CA075ABF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E5EE31-3D31-4C59-B2C1-B0BCF3294D9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5BCC5C-CDFB-4B52-8E2D-E85BEC28FD2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar3260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3898C07-F3A3-4C40-95EE-C2F524C5EB31",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "D578E607-CF83-4121-8AF9-EF1DBE5FE42F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DEB87D-8F28-4AC6-9ADC-E13146011102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68CB9B0-C32C-4EC5-81D0-ED23DB6D8EC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:srg1320vw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98B6177-EFAF-493E-B02B-AE6095A1452F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "D672376C-4256-4CFB-A515-56E31A6706AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8486420-C7CA-4296-A9B8-E4DDC1A23530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB2C78B-0736-4AA2-A283-AD4441D7EBEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:srg2320e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93EAE9D3-6A9E-4E4F-9550-79EB303A5A83",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
              "matchCriteriaId": "43BAC724-4E88-4E3B-9F95-8086D68CADA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r009c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "10511D02-503D-43AD-8306-FA1E9A52B8C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r010c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A05A3FA6-0B32-40A2-BCCE-4395B3DCB2DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:srg3340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA1C39E-E679-4EF4-8BF4-D1B46DD614E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de firma digital en los routers Huawei AR1200, AR1200-S, AR150, AR160, AR20000, AR2200-S, AR3200, SRG1300, SRG2300 y SRG3300. La vulnerabilidad se debe a que el software afectado verifica incorrectamente las firmas digitales de la imagen del software en el dispositivo afectado. Un atacante local con alto privilegio puede aprovechar la vulnerabilidad para omitir las comprobaciones de integridad de las im\u00e1genes de software e instalar una imagen de software malintencionado en el dispositivo afectado."
    }
  ],
  "id": "CVE-2019-5300",
  "lastModified": "2024-11-21T04:44:42.073",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-04T19:29:00.633",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-5300 (GCVE-0-2019-5300)

Vulnerability from cvelistv5

ghsa-mhr8-vxv5-m5v8

Vulnerability from github

gsd-2019-5300

Vulnerability from gsd

fkie_cve-2019-5300

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature