Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9.
References
Link | Resource |
---|---|
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-004/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
09 Feb 2022, 19:29
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sierrawireless airlink Mp70e
Sierrawireless airlink Lx40 Sierrawireless airlink Gx450 Sierrawireless airlink Lx60 Sierrawireless airlink Es440 Sierrawireless airlink Es450 Sierrawireless airlink Rv50 Sierrawireless airlink Gx440 Sierrawireless airlink Ls300 Sierrawireless airlink Gx400 Sierrawireless airlink Rv50x Sierrawireless airlink Mp70 |
|
CPE | cpe:2.3:h:sierawireless:airlink_mp70e:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_mp70:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_lx40:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_lx60:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_rv50x:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_es440:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_ls300:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_gx400:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_gx450:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_rv50:-:*:*:*:*:*:*:* cpe:2.3:h:sierawireless:airlink_es450:-:*:*:*:*:*:*:* |
cpe:2.3:h:sierrawireless:airlink_es440:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_rv50:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_mp70:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_mp70e:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx400:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx440:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_lx60:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_rv50x:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_lx40:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_gx450:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:* cpe:2.3:h:sierrawireless:airlink_ls300:-:*:*:*:*:*:*:* |
Information
Published : 2020-08-21 19:15
Updated : 2023-12-10 13:27
NVD link : CVE-2019-11858
Mitre link : CVE-2019-11858
CVE.ORG link : CVE-2019-11858
JSON object : View
Products Affected
sierrawireless
- airlink_ls300
- airlink_gx440
- airlink_mp70e
- airlink_mp70
- aleos
- airlink_es440
- airlink_gx400
- airlink_lx40
- airlink_lx60
- airlink_gx450
- airlink_rv50
- airlink_rv50x
- airlink_es450
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')