CVE-2019-19414
HIGHHuawei DBS3900 TDD LTE Firmware - Denial of Service via LDAP Integer Overflow
Title source: llmDescription
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en
Scores
CVSS v3
7.5
EPSS
0.0033
EPSS Percentile
55.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (12)
huawei/dbs3900_tdd_lte_firmware
v100r003c00
huawei/dbs3900_tdd_lte_firmware
v100r004c10
huawei/dp300_firmware
v500r002c00
huawei/rp200_firmware
v500r002c00spc200
huawei/rp200_firmware
v600r006c00
huawei/te30_firmware
v100r001c10
huawei/te30_firmware
v600r006c00
huawei/te40_firmware
v600r006c00
huawei/te50_firmware
v600r006c00
huawei/te60_firmware
v100r001c10
... and 2 more
Published
Jan 21, 2020
Tracked Since
Feb 18, 2026