← Volver a CVEs
CVE-2019-5289
HIGH7.5
Descripcion
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/13/2019
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
huawei:manageone
Debilidades (CWE)
CWE-125
Referencias
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-database-en(psirt@huawei.com)
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-database-en(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.