fkie_cve-2019-5300
Vulnerability from fkie_nvd
Published
2019-06-04 19:29
Modified
2024-11-21 04:44
Severity ?
Summary
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "C623D44E-463B-49A3-81F8-AD219E035B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "75E27982-56E6-4A6F-9124-34C7420FDDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB8B580-EF85-44FE-A7A1-455CD5A7BF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3202830A-D5CF-411F-B94A-167576919F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8F6BA3-E2C0-410D-A5E5-6E95545E5467",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC75BE34-DC7C-45F3-8F19-F703EF4D5982",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220ev:-:*:*:*:*:*:*:*",
"matchCriteriaId": "141A9CA7-59A5-4BA4-A7A7-C876A4426C00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220evw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14DAC925-7F20-45B9-B753-B7F0EEE3C7F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "DF226F5B-7BF8-4475-8C0C-91E2E43C6E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE54D66-BE3A-492D-B381-4E63880D8088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BF5574-175F-4438-A1D1-0EAA8280388B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1220f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B043BAD-75CD-4D7B-BA3C-118519B64A39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6B64AE02-D345-4628-A086-7C63C255707C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "411499D2-DD34-4131-8310-0CCC351D28F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A87F4819-180D-488B-B8D8-C10B5076F9AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar158evw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37D521BD-2D68-494F-ADF3-CA836A9860FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A685289C-08B1-43D4-9970-84A7FC75E54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "2D609298-9ACE-4726-AD04-6765D8F2C374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A07BC16A-C102-4B21-BF61-C7AE1452BA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "75124BF8-A5FC-46BB-83CF-0C2B7CF92F1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar161:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A206CEBA-27BF-4F73-9E16-DEC0B305BB9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161ew:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABF308C-9C4F-4C1E-ADD6-969CDF656BE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE33C6C9-87F8-42DC-89B1-7C3F5CDFE32E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161f-dgp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B19316A6-DDB7-4181-9373-30DDF532E203",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fg-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4917007C-227B-4F1D-AA58-76487A00DF87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fgw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB72AFF6-A296-497D-83D4-5C700FE9D635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fv-1p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AD4730-5311-4477-8E10-421BE84912F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E39599B-F0F7-4BB8-9E02-91D470995EF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161g-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F89646-40DE-499F-9588-4FC7C13D1CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EF0D65-C352-495A-8DD5-78AC66E8480C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar168f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0124D47-B343-45AD-A06F-9A186A499F84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar168f-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663A08C1-0F99-4050-A6DA-0081827283C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2734E4-B511-4C70-9B5F-8DA0A9963E26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169egw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCACD162-8331-47CF-9F77-F71221565AFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169ew:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAA155B-34BF-4F75-924D-FAB6601FCD46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58721B8C-8A6F-4889-B3D1-6433AB485E40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fgw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA425686-6C6C-4ADB-AC8A-D7FE924E340E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fvw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81601B04-7FC6-4776-9EBC-3C825DA1B7F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fvw-8s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1772765A-EE39-4AC0-A6BA-B79AC5D93A8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169g-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B739B694-237A-4AF2-8A0E-63F902DFB656",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169jfvw-2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD1519-AF5F-460F-90D6-4FF9CB7CD9EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1AE34-BEDD-437A-B1F0-606AF4409893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "344D64D1-A9B3-4BFA-ACF3-B421ED427A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED9DF8-A444-4684-932D-12B4B2F98736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C06FB07B-D74B-42A8-9CE7-CD3FC7217F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0924BB8D-A8A8-4F0F-9CE7-198B399E0685",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8E24FB-1DD4-4DD8-8221-129C30C65E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A7DDB3-4A2B-46A5-B952-F0FECF88373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5658BAA0-3FCC-4DCB-BDD1-42D00263B29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "158BF3D7-0195-4E73-A8A9-4536216C3CD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2204-27ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CACBBC-327A-40A6-9DD1-49335B296238",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204-27ge-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9079BB36-E42F-49D6-94D2-D9650A4C3E5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204-51ge-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E128F1C9-577C-4F4A-B98B-AB268F703DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A614397B-C24D-4D69-B84A-05FBBC6AFC23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67725998-BDD7-4624-8A9F-6CC594293B14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2220e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC3FEDF-D877-400A-AE16-7EA1C82E042E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5CAC3-80C9-484D-B715-55FEC0543554",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2240c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570769A-B882-4AB9-A6AC-381020A6BCA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "86D6EF09-27A6-493B-BDC6-D6C3AA7DB825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "59E43441-15B2-4EE0-AB87-6004BA6DD6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "078ED368-3950-49D1-BC31-523B83165EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A2639415-69D4-44E5-BDB5-28B3E09117A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7032EF-10C2-4E24-96F7-DEC39F7A1363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BC03A9-BBAE-4712-AC58-0338EB572EBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D0F6C6-5A87-482B-8B2A-693AC7736CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70804-3A07-4C82-806B-5F5CA075ABF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73E5EE31-3D31-4C59-B2C1-B0BCF3294D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5BCC5C-CDFB-4B52-8E2D-E85BEC28FD2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3898C07-F3A3-4C40-95EE-C2F524C5EB31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D578E607-CF83-4121-8AF9-EF1DBE5FE42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "65DEB87D-8F28-4AC6-9ADC-E13146011102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B68CB9B0-C32C-4EC5-81D0-ED23DB6D8EC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1320vw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98B6177-EFAF-493E-B02B-AE6095A1452F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D672376C-4256-4CFB-A515-56E31A6706AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E8486420-C7CA-4296-A9B8-E4DDC1A23530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB2C78B-0736-4AA2-A283-AD4441D7EBEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2320e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93EAE9D3-6A9E-4E4F-9550-79EB303A5A83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "43BAC724-4E88-4E3B-9F95-8086D68CADA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10511D02-503D-43AD-8306-FA1E9A52B8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3FA6-0B32-40A2-BCCE-4395B3DCB2DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA1C39E-E679-4EF4-8BF4-D1B46DD614E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de firma digital en los routers Huawei AR1200, AR1200-S, AR150, AR160, AR20000, AR2200-S, AR3200, SRG1300, SRG2300 y SRG3300. La vulnerabilidad se debe a que el software afectado verifica incorrectamente las firmas digitales de la imagen del software en el dispositivo afectado. Un atacante local con alto privilegio puede aprovechar la vulnerabilidad para omitir las comprobaciones de integridad de las im\u00e1genes de software e instalar una imagen de software malintencionado en el dispositivo afectado."
}
],
"id": "CVE-2019-5300",
"lastModified": "2024-11-21T04:44:42.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T19:29:00.633",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…