安全预警 - 部分华为产品中的多个漏洞
- 预警编号:huawei-sa-20191211-01-ssp
- 初始发布时间: 2019-12-11
- 更新发布时间: 2020-08-12
此漏洞的CVE编号为: CVE-2019-5254.
某些华为产品存在拒绝服务漏洞,攻击者可以通过FTP客户端发送精心制作的消息来利用该漏洞。由于消息验证不充分,可能导致系统越界读取,进而导致拒绝服务。 (漏洞编号:HWPSIRT-2019-01071)
此漏洞的CVE编号为: CVE-2019-5255.
部分华为产品存在空指针引用漏洞。本地攻击者可以通过发送精心设计的参数来利用此漏洞,成功利用可能会导致拒绝服务和进程重新启动。 (漏洞编号:HWPSIRT-2019-01072)
此漏洞的CVE编号为: CVE-2019-5256.
部分华为产品存在资源管理漏洞,登录单板的攻击者可能会从内部网口发送伪造的消息或篡改进程间消息来利用该漏洞。由于系统资源管理不当,可能导致资源耗尽。 (漏洞编号:HWPSIRT-2019-01073)
此漏洞的CVE编号为: CVE-2019-5257.
部分华为产品存在缓冲区溢出漏洞,登录单板的攻击者可能会从内部网口发送伪造的消息或篡改进程间消息来利用该漏洞。由于消息校验不充分,可能导致受影响的单板异常。 (漏洞编号:HWPSIRT-2019-01074)
此漏洞的CVE编号为: CVE-2019-5258.
华为已发布版本修复该漏洞。安全预警链接:
http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191211-01-ssp-cn
|
产品名称 |
版本号 |
修复版本号 |
|
AP2000 |
V200R005C30 |
V200R019C00 |
|
V200R006C10 |
||
|
V200R006C10SPCa00 |
||
|
V200R006C10SPCb00 |
||
|
V200R006C10SPCc00 |
||
|
V200R006C10SPCd00 |
||
|
V200R006C20 |
||
|
V200R006C20SPC700 |
||
|
V200R006C20SPC800 |
||
|
V200R007C10 |
||
|
V200R007C10SPC300 |
||
|
V200R007C10SPC500 |
||
|
V200R007C10SPC600 |
||
|
V200R007C10SPC700 |
||
|
V200R007C10SPC800 |
||
|
V200R007C10SPC900 |
||
|
V200R007C10SPCa00 |
||
|
V200R007C10SPCb00 |
||
|
V200R007C10SPCc00 |
||
|
V200R007C20 |
||
|
V200R007C20SPC200 |
||
|
V200R007C20SPC300 |
||
|
V200R007C20SPC500 |
||
|
V200R007C20SPC700 |
||
|
V200R007C20SPC800 |
||
|
V200R007C20SPC900 |
||
|
V200R007C20SPCa00 |
||
|
V200R007C20SPCc00 |
||
|
V200R007C20SPCd00 |
||
|
V200R007C20SPCe00 |
||
|
V200R007C20SPCf00 |
||
|
V200R007C20SPCg00 |
||
|
V200R007C20SPCi00 |
||
|
V200R008C00 |
||
|
V200R008C10 |
||
|
V200R009C00 |
||
|
AR3200 |
V200R003C01SPCe00 |
V200R010C10SPC700 |
|
V200R005C20SPC100 |
||
|
V200R005C20SPC200 |
||
|
V200R005C20SPC500 |
||
|
V200R005C21 |
||
|
V200R005C30 |
||
|
V200R005C31 |
||
|
V200R005C32 |
||
|
V200R006C10 |
||
|
V200R006C11 |
||
|
V200R007C00 |
||
|
V200R007C01 |
||
|
V200R007C02 |
||
|
V200R008C00 |
||
|
V200R008C10 |
||
|
V200R008C20 |
||
|
V200R008C30 |
||
|
V200R008C50 |
||
|
V200R009C00 |
||
|
V200R009C10 |
||
|
V200R010C00 |
||
|
V300R003C00 |
||
|
V300R003C10 |
||
|
V300R019C00 |
||
|
AntiDDoS1600 |
V500R005C00 |
V500R005C00SPC200 |
|
IPS Module |
V500R001C00SPC300 |
V500R005C20SPC300 |
|
V500R001C00SPC500 |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R005C00 |
||
|
NGFW Module |
V500R001C00SPC300 |
V500R005C20SPC300 |
|
V500R001C00SPC500 |
||
|
V500R001C00SPC500PWE |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R002C00 |
||
|
V500R002C00SPC100 |
||
|
V500R002C00SPC100PWE |
||
|
V500R002C00SPC200 |
||
|
V500R002C00SPC200PWE |
||
|
V500R002C00SPC300 |
||
|
V500R002C10 |
||
|
V500R002C10PWE |
||
|
V500R002C30 |
||
|
V500R002C30PWE |
||
|
V500R005C00 |
||
|
NIP6300 |
V500R001C00SPC300 |
V500R005C20SPC300 |
|
V500R001C00SPC500 |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R005C00 |
||
|
NIP6600 |
V500R001C00SPC300 |
V500R005C20SPC300 |
|
V500R001C00SPC500 |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R005C00 |
||
|
NIP6800 |
V500R001C50 |
V500R005C20SPC300 |
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R005C00 |
||
|
S5700 |
V200R005C03 |
V200R005SPH026 |
|
SeMG9811 |
V500R002C20 |
V500R005C20 |
|
V500R002C30 |
||
|
V500R005C00 |
||
|
Secospace AntiDDoS8000 |
V500R001C00 |
V500R005C20 |
|
V500R001C00SPC200 |
||
|
V500R001C00SPC300 |
||
|
V500R001C00SPC500 |
||
|
V500R001C00SPC600 |
||
|
V500R001C00SPC700 |
||
|
V500R001C00SPH303 |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC300 |
||
|
V500R001C20SPC500 |
||
|
V500R001C20SPC600 |
||
|
V500R001C60SPC100 |
||
|
V500R001C60SPC101 |
||
|
V500R001C60SPC200 |
||
|
V500R001C60SPC300 |
||
|
V500R001C60SPC500 |
||
|
V500R001C60SPC600 |
||
|
V500R005C00 |
||
|
V500R005C00SPC100 |
||
|
Secospace USG6300 |
V100R001C20SPC100 |
V500R005C20SPC300 |
|
V500R001C00SPC300 |
||
|
V500R001C00SPC500 |
||
|
V500R001C00SPC500PWE |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC101 |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R001C80PWE |
||
|
V500R005C00 |
||
|
Secospace USG6500 |
V100R001C20SPC100 |
V500R005C20SPC300 |
|
V500R001C00SPC300 |
||
|
V500R001C00SPC500 |
||
|
V500R001C00SPC500PWE |
||
|
V500R001C00SPH303 |
||
|
V500R001C00SPH508 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC101 |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200B062 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C80 |
||
|
V500R001C80PWE |
||
|
V500R005C00 |
||
|
Secospace USG6600 |
V100R001C00SPC200 |
V500R005C20SPC300 |
|
V100R001C10SPC200 |
||
|
V100R001C10SPC201 |
||
|
V100R001C20SPC100 |
||
|
V100R001C20SPC200 |
||
|
V500R001C00 |
||
|
V500R001C00SPC050 |
||
|
V500R001C00SPC090 |
||
|
V500R001C00SPC300 |
||
|
V500R001C00SPC500 |
||
|
V500R001C00SPC500PWE |
||
|
V500R001C00SPH303 |
||
|
V500R001C20 |
||
|
V500R001C20SPC100 |
||
|
V500R001C20SPC100PWE |
||
|
V500R001C20SPC101 |
||
|
V500R001C20SPC200 |
||
|
V500R001C20SPC200PWE |
||
|
V500R001C20SPC300 |
||
|
V500R001C20SPC300B078 |
||
|
V500R001C20SPC300PWE |
||
|
V500R001C30 |
||
|
V500R001C30SPC100 |
||
|
V500R001C30SPC100PWE |
||
|
V500R001C30SPC200 |
||
|
V500R001C30SPC200PWE |
||
|
V500R001C30SPC300 |
||
|
V500R001C30SPC500 |
||
|
V500R001C30SPC600 |
||
|
V500R001C30SPC600PWE |
||
|
V500R001C30SPC601 |
||
|
V500R001C50 |
||
|
V500R001C50PWE |
||
|
V500R001C50SPC009 |
||
|
V500R001C50SPC100 |
||
|
V500R001C50SPC100PWE |
||
|
V500R001C50SPC200 |
||
|
V500R001C50SPC200PWE |
||
|
V500R001C50SPC300 |
||
|
V500R001C60 |
||
|
V500R001C60SPC100 |
||
|
V500R001C60SPC100PWE |
||
|
V500R001C60SPC200 |
||
|
V500R001C60SPC200PWE |
||
|
V500R001C60SPC300 |
||
|
V500R001C60SPC500 |
||
|
V500R001C80 |
||
|
V500R001C80PWE |
||
|
V500R005C00 |
||
|
USG6000V |
V500R001C10 |
V500R005C20 |
|
V500R001C20 |
||
|
V500R003C00 |
||
|
V500R005C00 |
||
|
eSpace U1981 |
V200R003C50SPC700 |
V200R003C50SPC900 |
HWPSIRT-2019-01067:
使用成功可能会导致受影响的单板异常。
HWPSIRT-2019-01071:
成功的利用可能导致系统越界读取,并导致拒绝服务。
HWPSIRT-2019-01072:
成功的利用可能会导致拒绝服务和进程重新启动。
HWPSIRT-2019-01073:
使用成功可能导致资源耗尽。
HWPSIRT-2019-01074:
使用成功可能会导致受影响的单板异常。
漏洞使用CVSSv3计分系统进行分级(http://www.first.org/cvss/specification-document)
HWPSIRT-2019-01067:
基础得分:5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
临时得分:5.1 (E:F/RL:O/RC:C)
HWPSIRT-2019-01071:
基础得分:5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
临时得分:4.9 (E:F/RL:O/RC:C)
HWPSIRT-2019-01072:
基础得分:5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
临时得分:5.1 (E:F/RL:O/RC:C)
HWPSIRT-2019-01073:
基础得分:5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
临时得分:5.1 (E:F/RL:O/RC:C)
HWPSIRT-2019-01074:
基础得分:5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
临时得分:5.1 (E:F/RL:O/RC:C)
HWPSIRT-2019-01067:
利用漏洞发起攻击的预置条件:
攻击者可能登录单板。
漏洞详细描述:
登录单板的攻击者可能会从内部网口发送伪造的消息或篡改进程间消息来利用该漏洞。由于消息验证不充分,可能导致受影响的单板异常。
HWPSIRT-2019-01071:
利用漏洞发起攻击的预置条件:
攻击者可以访问受影响设备所在网络。
漏洞详细描述:
攻击者可以从FTP客户端发送精心构造的消息来利用此漏洞。由于消息验证不充分,成功的利用可能会导致受影响的单板越界读取并导致拒绝服务。
HWPSIRT-2019-01072:
利用漏洞发起攻击的预置条件:
攻击者可以访问受影响单板。
漏洞详细描述:
本地攻击者可以通过发送精心设计的参数来利用此漏洞。一个成功的开发可能会导致拒绝服务和进程重新启动。
HWPSIRT-2019-01073:
利用漏洞发起攻击的预置条件:
攻击者可以访问受影响单板。
漏洞详细描述:
登录单板的攻击者可能会从内部网口发送伪造的消息或篡改进程间消息来利用该漏洞。由于系统资源管理不当,可能导致资源耗尽。
HWPSIRT-2019-01074:
利用漏洞发起攻击的预置条件:
攻击者可以访问受影响单板。
漏洞详细描述:
登录单板的攻击者可能会从内部网口发送伪造的消息或篡改进程间消息来利用该漏洞。由于消息验证不充分,可能导致受影响的单板异常。
无
用户可以通过华为TAC (Huawei Technical Assistance Center)获取补丁/更新版本。
TAC的联系方式见链接http://www.huawei.com/cn/psirt/report-vulnerabilities。
该漏洞由华为内部测试发现。
2020-08-12 V1.3 UPDATED 刷新受影响产品版本和修复信息;
2020-07-22 V1.2 UPDATED 刷新受影响产品版本和修复信息;
2020-04-08 V1.1 UPDATED 刷新受影响产品版本和修复信息;
2019-12-11 V1.0 INITIAL
无
华为一贯主张尽全力保障产品用户的最终利益,遵循负责任的安全事件披露原则,并通过产品安全问题处理机制处理产品安全问题。
获取华为公司安全应急响应服务及华为产品漏洞信息,请访问http://www.huawei.com/cn/psirt。
反馈华为产品和解决方案安全问题,请反馈至华为PSIRT邮箱PSIRT@huawei.com,详情参考http://www.huawei.com/cn/psirt/report-vulnerabilities。
