[Forgot Password]
Login  Register Subscribe

26309

 
 

132812

 
 

150505

 
 

909

 
 

119751

 
 

158

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2019-19411Date: (C)2020-01-22   (M)2020-08-25


USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 3.7CVSS Score : 4.3
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 1.4Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: LOWAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-firewall-en

CWE    1
CWE-665
XCCDF    1
CWE-665

© SecPod Technologies