CVE-2019-5289
First published: Wed Nov 13 2019(Updated: )
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei ManageOne | =6.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-5289?
The severity of CVE-2019-5289 is high with a CVSS score of 7.5.
How does CVE-2019-5289 impact Huawei ManageOne?
CVE-2019-5289 impacts Huawei ManageOne by allowing attackers to construct invalid packets to attack the active and standby communication channels.
What versions of Huawei ManageOne are affected by CVE-2019-5289?
Versions of Huawei ManageOne 6.5.0 are affected by CVE-2019-5289.
How can I fix CVE-2019-5289 in Huawei ManageOne?
To fix CVE-2019-5289 in Huawei ManageOne, it is recommended to update to a version that includes a patch for this vulnerability.
Where can I find more information about CVE-2019-5289?
You can find more information about CVE-2019-5289 on the Huawei PSIRT website: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-database-en
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei manageone
- version/huawei manageone/6.5.0