CVE-2019-5278Out-of-bounds Read in Huawei Campusinsight

CWE-125Out-of-bounds Read3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 54.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Campusinsight
Timeline
PublishedDec 13
Latest updateMay 24

Description

There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5huawei/campusinsightV100R019C00
NVDhuawei/campusinsightv100r019c00

🔴Vulnerability Details

2
GHSA
GHSA-v7mh-vm24-5fjf: There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC2002022-05-24
CVEList
CVE-2019-5278: There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC2002019-12-13
CVE-2019-5278 — Out-of-bounds Read in Huawei | cvebase