Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Huawei Data Communication: Insufficient Verification of Data Authenticity Vulnerability in Some Huawei Products (huawei-sa-20191204-01-validation)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Multiple Huawei products are prone to a denial of service vulnerability due to insufficient verification of data authenticity.
Insight
Insight
A remote, unauthenticated attacker has to intercept specific packets between two devices, modifies the packets, and sends the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device abnormal.
Affected Software
Affected Software
Huawei AR150, AR160, AR200, AR1200, AR2200, AR3200, AR3600, S6700, SRG1300, SRG2300 and SRG3300.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
See the vendors advisory for a solution.