CVE-2019-19397

CWE-327Broken Cryptographic Algorithm4 documents4 sources
Severity
7.5HIGH
EPSS
0.2%
top 59.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei S12700 FirmwareHuawei S1700 FirmwareHuawei S2700 Firmware+4 more
Timeline
PublishedDec 13
Latest updateMay 24

Description

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

NVDhuawei/s1700_firmware5 versions+4
NVDhuawei/s2700_firmware8 versions+7
NVDhuawei/s5700_firmware11 versions+10
NVDhuawei/s6700_firmware8 versions+7
NVDhuawei/s7700_firmware6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-c9p4-g3wp-gpxv: There is a weak algorithm vulnerability in some Huawei products2022-05-24
CVEList
CVE-2019-19397: There is a weak algorithm vulnerability in some Huawei products2019-12-13

💥Exploits & PoCs

1
Exploit-DB
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow2019-03-15
CVE-2019-19397 (HIGH CVSS 7.5) | There is a weak algorithm vulnerabi | cvebase.io