What is CVE-2019-19414?

CVE-2019-19414 is an integer overflow vulnerability in the LDAP server of certain Huawei products.

How does CVE-2019-19414 affect Huawei products?

CVE-2019-19414 affects Huawei products running specific firmware versions, allowing a remote attacker to crash the affected system.

How can an attacker exploit CVE-2019-19414?

An attacker can exploit CVE-2019-19414 by sending malformed packets to the target devices.

What is the severity of CVE-2019-19414?

CVE-2019-19414 has a severity rating of 7.5, classified as high severity.

Where can I find more information about CVE-2019-19414?

You can find more information about CVE-2019-19414 on the Huawei security advisory page: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en

Vulnerability/
CVE-2019-19414

high

7.8

CWE

190 20

21/1/2020

5/8/2024

CVE-2019-19414: Integer Overflow

First published: Tue Jan 21 2020(Updated: )

There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei DBS3900	=v100r003c00
Huawei DBS3900	=v100r004c10
Huawei DBS3900 TDD LTE Firmware
Huawei DP300 firmware	=v500r002c00
Huawei DP300 firmware
Huawei RP200	=v500r002c00spc200
Huawei RP200	=v600r006c00
Huawei RP200 firmware
Huawei TE30 Firmware	=v100r001c10
Huawei TE30 Firmware	=v600r006c00
Huawei TE30 Firmware
Huawei TE40	=v600r006c00
Huawei TE40
Huawei TE50	=v600r006c00
Huawei TE50 firmware
Huawei TE60 Firmware	=v100r001c10
Huawei TE60 Firmware	=v500r002c00
Huawei TE60 Firmware	=v600r006c00
Huawei TE60 Firmware

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en

Frequently Asked Questions

What is CVE-2019-19414?
CVE-2019-19414 is an integer overflow vulnerability in the LDAP server of certain Huawei products.
How does CVE-2019-19414 affect Huawei products?
CVE-2019-19414 affects Huawei products running specific firmware versions, allowing a remote attacker to crash the affected system.
How can an attacker exploit CVE-2019-19414?
An attacker can exploit CVE-2019-19414 by sending malformed packets to the target devices.
What is the severity of CVE-2019-19414?
CVE-2019-19414 has a severity rating of 7.5, classified as high severity.
Where can I find more information about CVE-2019-19414?
You can find more information about CVE-2019-19414 on the Huawei security advisory page: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en

agent/type
agent/weakness
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/last-modified-date
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei dbs3900
version/huawei dbs3900/v100r003c00
version/huawei dbs3900/v100r004c10
canonical/huawei dbs3900 tdd lte firmware
canonical/huawei dp300 firmware
version/huawei dp300 firmware/v500r002c00
canonical/huawei rp200
version/huawei rp200/v500r002c00spc200
version/huawei rp200/v600r006c00
canonical/huawei rp200 firmware
canonical/huawei te30 firmware
version/huawei te30 firmware/v100r001c10
version/huawei te30 firmware/v600r006c00
canonical/huawei te40
version/huawei te40/v600r006c00
canonical/huawei te50
version/huawei te50/v600r006c00
canonical/huawei te50 firmware
canonical/huawei te60 firmware
version/huawei te60 firmware/v100r001c10
version/huawei te60 firmware/v500r002c00
version/huawei te60 firmware/v600r006c00