CVE-2019-5274

Name of the Vulnerable Software and Affected Versions USG9500 versions V500R001C30 through V500R001C60

Description The issue is related to a flaw in the X.509 implementation, which can result in an infinite loop. An attacker may exploit this flaw via a malicious certificate to perform a denial of service attack on the affected products.

Recommendations For USG9500 versions V500R001C30 through V500R001C60, consider restricting the use of X.509 certificates until a patch is available. As a temporary workaround, avoid using certificates that may trigger the infinite loop in the X.509 implementation.