All the vulnerabilites related to huawei - cloudengine_6800_firmware
cve-2021-22393
Vulnerability from cvelistv5
Published
2021-04-28 11:36
Modified
2024-08-03 18:44
Severity ?
EPSS score ?
Summary
There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-28T11:38:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22393",
"datePublished": "2021-04-28T11:36:48",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9137
Vulnerability from cvelistv5
Published
2020-12-24 15:47
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800 Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-24T15:47:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9137",
"datePublished": "2020-12-24T15:47:56",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22328
Vulnerability from cvelistv5
Published
2021-08-23 19:29
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R005C00SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-23T19:29:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C00SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22328",
"datePublished": "2021-08-23T19:29:53",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-17301
Vulnerability from cvelistv5
Published
2018-02-15 16:00
Modified
2024-08-05 20:51
Severity ?
EPSS score ?
Summary
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | AR120-S,AR1200,AR1200-S,AR150,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,DP300,SMC2.0,SRG1300,SRG2300,SRG3300,TE30,TE60,VP9660,ViewPoint 8660,eSpace IAD,eSpace U1981,eSpace USM |
Version: AR120-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEn ...[truncated*] |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S,AR1200,AR1200-S,AR150,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,DP300,SMC2.0,SRG1300,SRG2300,SRG3300,TE30,TE60,VP9660,ViewPoint 8660,eSpace IAD,eSpace U1981,eSpace USM",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEn ...[truncated*]"
}
]
}
],
"datePublic": "2017-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "weak cryptography",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S,AR1200,AR1200-S,AR150,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,DP300,SMC2.0,SRG1300,SRG2300,SRG3300,TE30,TE60,VP9660,ViewPoint 8660,eSpace IAD,eSpace U1981,eSpace USM",
"version": {
"version_data": [
{
"version_value": "AR120-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300V500R002C00, SMC2.0V100R003C10, V100R005C00, V500R002C00, SRG1300V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30V100R001C10, TE60V100R003C00, V500R002C00, VP9660V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660V100R008C02, V100R008C03, eSpace IADV300R002C01, eSpace U1981V200R003C20, V200R003C30, eSpace USMV100R001C01, V300R001C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "weak cryptography"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17301",
"datePublished": "2018-02-15T16:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8780
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94618 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00, |
Version: CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00, |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:00.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en"
},
{
"name": "94618",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en"
},
{
"name": "94618",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-8780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,",
"version": {
"version_data": [
{
"version_value": "CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en"
},
{
"name": "94618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-8780",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:35:00.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8795
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94504 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00 |
Version: CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:01.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"name": "94504",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"name": "94504",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-8795",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00",
"version": {
"version_data": [
{
"version_value": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"name": "94504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-8795",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:35:01.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-8147
Vulnerability from cvelistv5
Published
2017-11-22 19:00
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600, |
Version: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*] |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*]"
}
]
}
],
"datePublic": "2017-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "MaxAge LSA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-22T18:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-11-15T00:00:00",
"ID": "CVE-2017-8147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
"version": {
"version_data": [
{
"version_value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MaxAge LSA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-8147",
"datePublished": "2017-11-22T19:00:00Z",
"dateReserved": "2017-04-25T00:00:00",
"dateUpdated": "2024-09-16T17:03:05.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22362
Vulnerability from cvelistv5
Published
2021-05-27 12:18
Modified
2024-08-03 18:44
Severity ?
EPSS score ?
Summary
There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800 Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T12:18:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22362",
"datePublished": "2021-05-27T12:18:57",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9094
Vulnerability from cvelistv5
Published
2020-12-29 17:28
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudEngine 12800 |
Version: V200R019C00SPC800 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R005C20SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bound Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T17:28:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R005C20SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bound Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9094",
"datePublished": "2020-12-29T17:28:53",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-1870
Vulnerability from cvelistv5
Published
2020-05-29 19:13
Modified
2024-08-04 06:53
Severity ?
EPSS score ?
Summary
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudEngine 12800 |
Version: V200R019C00SPC800 |
||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R005C20SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "NE40E",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V800R011C00SPC200"
},
{
"status": "affected",
"version": "V800R011C00SPC300"
},
{
"status": "affected",
"version": "V800R011C10SPC100"
}
]
},
{
"product": "NE40E-F",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V800R011C00SPC200"
},
{
"status": "affected",
"version": "V800R011C10SPC100"
}
]
},
{
"product": "NE40E-M",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V800R011C00SPC200"
},
{
"status": "affected",
"version": "V800R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-18T22:56:08",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R005C20SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "NE40E",
"version": {
"version_data": [
{
"version_value": "V800R011C00SPC200"
},
{
"version_value": "V800R011C00SPC300"
},
{
"version_value": "V800R011C10SPC100"
}
]
}
},
{
"product_name": "NE40E-F",
"version": {
"version_data": [
{
"version_value": "V800R011C00SPC200"
},
{
"version_value": "V800R011C10SPC100"
}
]
}
},
{
"product_name": "NE40E-M",
"version": {
"version_data": [
{
"version_value": "V800R011C00SPC200"
},
{
"version_value": "V800R011C10SPC100"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1870",
"datePublished": "2020-05-29T19:13:26",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:58.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15349
Vulnerability from cvelistv5
Published
2018-02-15 16:00
Modified
2024-08-05 19:50
Severity ?
EPSS score ?
Summary
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, |
Version: CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00"
}
]
}
],
"datePublic": "2017-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,",
"version": {
"version_data": [
{
"version_value": "CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "memory leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15349",
"datePublished": "2018-02-15T16:00:00",
"dateReserved": "2017-10-14T00:00:00",
"dateUpdated": "2024-08-05T19:50:16.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9124
Vulnerability from cvelistv5
Published
2020-12-29 17:17
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudEngine 12800 |
Version: V200R002C50SPC800 Version: V200R003C00SPC810 Version: V200R005C00SPC800 Version: V200R005C10SPC800 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T17:17:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9124",
"datePublished": "2020-12-29T17:17:07",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9207
Vulnerability from cvelistv5
Published
2020-12-29 17:57
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudEngine 12800 |
Version: V200R019C00SPC800 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R005C20SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T17:57:18",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R005C20SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9207",
"datePublished": "2020-12-29T17:57:18",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-1865
Vulnerability from cvelistv5
Published
2021-01-13 22:20
Modified
2024-08-04 06:53
Severity ?
EPSS score ?
Summary
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800 Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:20:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1865",
"datePublished": "2021-01-13T22:20:20",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:58.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40033
Vulnerability from cvelistv5
Published
2022-01-31 15:57
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T15:57:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40033",
"datePublished": "2022-01-31T15:57:36",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9102
Vulnerability from cvelistv5
Published
2020-07-17 22:59
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudEngine 12800 |
Version: V200R002C50SPC800 Version: V200R003C00SPC810 Version: V200R005C00SPC800 Version: V200R005C10SPC800 Version: V200R019C00SPC800 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 5800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
},
{
"status": "affected",
"version": "V200R005C20SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
},
{
"product": "CloudEngine 7800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800"
},
{
"status": "affected",
"version": "V200R003C00SPC810"
},
{
"status": "affected",
"version": "V200R005C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800"
},
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T22:59:38",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R005C20SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9102",
"datePublished": "2020-07-17T22:59:38",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40042
Vulnerability from cvelistv5
Published
2022-01-31 15:57
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T15:57:35",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40042",
"datePublished": "2022-01-31T15:57:35",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40008
Vulnerability from cvelistv5
Published
2021-12-13 15:48
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R019C00SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-13T15:48:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
},
{
"version_value": "V200R019C00SPC800"
},
{
"version_value": "V200R019C00SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40008",
"datePublished": "2021-12-13T15:48:05",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8790
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94402 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00 |
Version: CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:01.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
},
{
"name": "94402",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
},
{
"name": "94402",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-8790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00",
"version": {
"version_data": [
{
"version_value": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
},
{
"name": "94402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-8790",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:35:01.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37122
Vulnerability from cvelistv5
Published
2021-10-27 00:36
Modified
2024-08-04 01:09
Severity ?
EPSS score ?
Summary
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R005C10SPC800,V200R019C00SPC800 Version: V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C10SPC800,V200R019C00SPC800"
},
{
"status": "affected",
"version": "V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:36:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R005C10SPC800,V200R019C00SPC800"
},
{
"version_value": "V200R005C10SPC800,V200R019C00SPC800"
},
{
"version_value": "V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800"
},
{
"version_value": "V200R005C10SPC800,V200R019C00SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37122",
"datePublished": "2021-10-27T00:36:07",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22332
Vulnerability from cvelistv5
Published
2021-04-28 12:10
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 |
Version: V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Pointer Double Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-28T12:10:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
},
{
"version_value": "V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Pointer Double Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22332",
"datePublished": "2021-04-28T12:10:28",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-05-27 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "2601F8EC-A011-4614-80CA-3A01D80D9B7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B76265-8C33-43A6-AAA7-7521B95F1C57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "542A16DF-B995-417E-AE19-DFF9CC499D7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "512A374E-09BE-4ACD-9F87-C1752C882778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei.\u0026#xa0;Un atacante puede explotar esta vulnerabilidad mediante el env\u00edo datos dise\u00f1ados en el paquete hacia el dispositivo destino.\u0026#xa0;Debido a una comprobaci\u00f3n insuficiente de mensaje, una explotaci\u00f3n con \u00e9xito puede causar una determinada anormalidad en el servicio .Las versiones afectadas de los productos incluyen: CloudEngine 12800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800; CloudEngine 5800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 @ ; CloudEngine 6800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800, V200R019C10SPC800; CloudEngine 7800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
}
],
"id": "CVE-2021-22362",
"lastModified": "2024-11-21T05:49:58.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-27T13:15:07.977",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 16:29
Modified
2024-11-21 03:17
Severity ?
Summary
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "D81E2517-263C-4B59-9D28-A3DE98289B24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "79DA91B4-77A6-4A37-8799-5E548184D49C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8934C1-9162-4C52-A0FC-6B2914E93304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "4045CC4E-3B44-4E32-A04F-39C8572921B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "334E0095-CF32-497D-85AC-AE8AEDE4EC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "4459EF03-890E-446E-8702-8F7CE499FB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "C623D44E-463B-49A3-81F8-AD219E035B09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7D76DA-E30F-4071-807B-DED30596CD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3B0016-0A4A-471F-BBEA-D2E485587B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1B1393-1D47-448D-A5FF-0B2EF74CF172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6B64AE02-D345-4628-A086-7C63C255707C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABEF8DE-D6CA-45DD-B10E-C3FFB5B82FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AF92D98E-60C8-43F9-B6F7-D43193D102EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "34CCEC64-BD07-49F7-8804-98A74257F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A685289C-08B1-43D4-9970-84A7FC75E54B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "75A87025-03BE-4671-9687-85510E9AE4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "5186D104-FD41-4F54-9923-25B0C8C09E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "344D64D1-A9B3-4BFA-ACF3-B421ED427A9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "0325B983-F920-4006-8F3B-738B1B4EBEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F159E208-A535-4B5E-A7A5-791EB01C0839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2EC4F9-EB14-4628-9F89-34168BBD6A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "36DE9947-C096-4B7F-8F3E-748DEFC677C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA92D38-95BA-4FEB-9A5E-A2604B97B6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF9B214-A3C7-4D4E-B92D-63E1085B76C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CCF46F-1B0F-4829-BB28-758777313451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A7DDB3-4A2B-46A5-B952-F0FECF88373E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "272E6F06-9FAF-421B-8E87-7F1F1705B598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2BC38B-D016-4E83-A14E-FE8575135DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B897F931-00B2-4FDF-90CE-5077416E42BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE26EE9-2331-4D72-96CF-635A0A4EBE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BE6310-A42C-4BB3-BB02-7CE6F4FF340D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "0595B3AA-8911-44AF-996B-2F431517FBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "FC727A7A-CF3D-4DC9-9083-A0CE8ED886A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1A842B77-C902-4B20-A171-3F98C75E6160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC61DFB2-E24C-4148-892E-A14F1EC3F9CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D0F6C6-5A87-482B-8B2A-693AC7736CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c30:*:*:*:*:*:*:*",
"matchCriteriaId": "B01969DE-DC37-4F2F-BB9B-5242810A8317",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "4B650408-1E40-49DF-9271-6248CC1DCC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6E52BCED-46D1-4ED9-9A8A-41AA4B88A1AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA6C55E-DF1F-475D-B1E9-C09CF8278276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A14BFE-B957-4BD9-AD25-01011BF9BF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "50C579A9-2768-4202-9171-BC803554E923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "D2EB46B1-A4FE-42AD-BA60-8134A34F5901",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB5929-1526-4910-BE22-07FCDDA06D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4492E892-7BE5-413A-AD53-2D39BD6626F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "061D3731-37D1-40A9-BE2B-7C43CADC3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1573B4A5-A78B-4A17-8E1B-673A11D18221",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C42246DF-E736-4D98-AF73-3F5B731485D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3752F8-78AB-43C9-B499-B3E2031BB29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "CD5BEF58-456D-4983-B1CA-A53CE5C4E24E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "374AD269-B0F4-4534-ABAC-D08343B2CE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5D868B-B2F8-4C25-8134-5ED8758AFB90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B0FFE8C7-6E03-45ED-A581-779C75A5C432",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "386F5C31-6000-48C4-A9CA-D3F91A0549E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "611E69A3-AB62-4584-B611-93583D84FCB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E7481E-B5B8-481C-AC35-A8029AA2DF7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDBEFFB4-9742-48CC-BBA6-E5DCA281B343",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "29D01E86-0F60-4A99-8E48-15B0B0BF3678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF1DFD2-5337-45CA-A1A9-2E6622536027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "27D882C1-BFE2-4C29-86FF-C10F86323D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "9C655B04-5CAD-4BA0-AD0D-658DBDD36D6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "B25185C6-3F8D-4D86-84D9-4D81A3DF5632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "D485D5E3-3819-4F3A-B841-ACB6253ACF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E2E7D1-1F41-4EB2-9401-A3C4F988D64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "140F2A04-2F59-4BD7-9FCE-E37E4FAAF5DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "E586B837-E86A-4B3E-8701-3C92123F9FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "309B9B0E-3639-4913-9DE4-9D4DAE6B0065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E497D97B-F044-4F9A-84B0-378978FBDC58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D13F79BF-2919-45A3-9AB0-9D501DDA94B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vp9660_firmware:v200r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "72ABAEF6-DC14-4C11-A570-44C23705933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:vp9660_firmware:v200r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0BEF9499-2D42-49A2-BBC8-54472DEEB95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A68709FF-9E1C-4174-A925-70A88D4376A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DC498B-F19F-403A-ACFE-F8364A78EC66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c02:*:*:*:*:*:*:*",
"matchCriteriaId": "4C38768F-F3CC-404D-9C3E-7DB9A7C4C580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*",
"matchCriteriaId": "573BD5BC-48CE-4752-834D-6F6368780FB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8FC7FB-FABD-4BC2-A0F5-3149F958EEAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:espace_iad_firmware:v300r002c01:*:*:*:*:*:*:*",
"matchCriteriaId": "647B85DB-2E81-4EBA-A42C-7DBEF1EDD9D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:espace_iad:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91C8CF3B-2907-4E9C-8CA9-6FECDDC68812",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20:*:*:*:*:*:*:*",
"matchCriteriaId": "C82BCBDF-4F07-47F1-BB91-6148E2403133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*",
"matchCriteriaId": "FC865317-D874-469D-AE84-7700B0F1485C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD4D80-D901-4082-B74D-A1D0CC24CA9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:espace_usm_firmware:v100r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "BECD4671-FA6A-434E-B3A8-5141AB850661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:espace_usm_firmware:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D516A52-BA26-4841-96AC-A0718698C92A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:espace_usm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B099CC1-0C25-46B3-B772-C61AC1657E97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name."
},
{
"lang": "es",
"value": "Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01 y V300R001C00 tienen una vulnerabilidad de criptograf\u00eda d\u00e9bil. Debido a que no se validan correctamente algunos valores en los certificados, un atacante remoto no autenticado podr\u00eda falsificar un certificado RSA espec\u00edfico y explotar la vulnerabilidad para pasar la autenticaci\u00f3n de identidad y los registros en el dispositivo objetivo para obtener los permisos configurados para el nombre de usuario espec\u00edfico."
}
],
"id": "CVE-2017-17301",
"lastModified": "2024-11-21T03:17:47.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T16:29:03.610",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 23:15
Modified
2024-11-21 05:11
Severity ?
Summary
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "2601F8EC-A011-4614-80CA-3A01D80D9B7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B76265-8C33-43A6-AAA7-7521B95F1C57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "542A16DF-B995-417E-AE19-DFF9CC499D7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "512A374E-09BE-4ACD-9F87-C1752C882778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en los productos Huawei CloudEngine.\u0026#xa0;El software lee los datos m\u00e1s all\u00e1 del final del b\u00fafer previsto cuando se analiza determinado mensaje PIM, un atacante adyacente podr\u00eda enviar mensajes PIM dise\u00f1ados al dispositivo, una explotaci\u00f3n con \u00e9xito podr\u00eda causar una lectura fuera de l\u00edmites cuando el sistema realiza la operaci\u00f3n determinada"
}
],
"id": "CVE-2020-1865",
"lastModified": "2024-11-21T05:11:30.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T23:15:13.323",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-28 12:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_12800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_12800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_12800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800 | v200r002c50spc800 | |
| huawei | cloudengine_5800 | v200r003c00spc810 | |
| huawei | cloudengine_5800 | v200r005c00spc800 | |
| huawei | cloudengine_5800 | v200r005c10spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_6800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_6800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_6800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_7800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_7800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_7800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "44D87EDA-E260-4364-915A-71187D82B1D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "124AB6D4-A68D-45B9-B98C-DC30AB7AEED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EF2025-3E33-4B7F-99BB-459D60B833EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "86F46EA9-CDC9-4E0F-B32E-0373558FE832",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio en algunas versiones de CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 y CloudEngine 12800. El producto afectado no puede manejar algunos mensajes debido a deficiencias en el dise\u00f1o del m\u00f3dulo.\u0026#xa0;Unos atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de una gran cantidad de mensajes espec\u00edficos para causar una denegaci\u00f3n de servicio.\u0026#xa0;Esto puede comprometer el servicio normal"
}
],
"id": "CVE-2021-22393",
"lastModified": "2024-11-21T05:50:02.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-28T12:15:08.287",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-29 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_12800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_12800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_12800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_5800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_5800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_5800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_6800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_6800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_6800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_7800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_7800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_7800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de memoria en algunas versiones del producto Huawei CloudEngine.\u0026#xa0;Un atacante remoto no autenticado puede explotar esta vulnerabilidad mediante el env\u00edo de un mensaje espec\u00edfico al producto afectado.\u0026#xa0;Debido a que no se libera la memoria asignada apropiadamente, una explotaci\u00f3n con \u00e9xito puede causar p\u00e9rdida de memoria"
}
],
"id": "CVE-2020-9124",
"lastModified": "2024-11-21T05:40:05.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-29T18:15:13.230",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v100r003c00 | |
| huawei | cloudengine_12800_firmware | v100r005c00 | |
| huawei | cloudengine_12800_firmware | v100r005c10 | |
| huawei | cloudengine_12800_firmware | v100r006c00 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v100r003c00 | |
| huawei | cloudengine_5800_firmware | v100r005c00 | |
| huawei | cloudengine_5800_firmware | v100r005c10 | |
| huawei | cloudengine_5800_firmware | v100r006c00 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v100r003c00 | |
| huawei | cloudengine_6800_firmware | v100r005c00 | |
| huawei | cloudengine_6800_firmware | v100r005c10 | |
| huawei | cloudengine_6800_firmware | v100r006c00 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v100r003c00 | |
| huawei | cloudengine_7800_firmware | v100r005c00 | |
| huawei | cloudengine_7800_firmware | v100r005c10 | |
| huawei | cloudengine_7800_firmware | v100r006c00 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB5929-1526-4910-BE22-07FCDDA06D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C42246DF-E736-4D98-AF73-3F5B731485D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "374AD269-B0F4-4534-ABAC-D08343B2CE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
},
{
"lang": "es",
"value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10 y V100R006C00 tienen una vulnerabilidad de fuga de memoria. Un atacante no autenticado podr\u00eda enviar paquetes RSVP (Resource ReServation Protocol) a los productos afectados. Dado que no se libera la memoria para gestionar los paquetes, una explotaci\u00f3n con \u00e9xito resultar\u00e1 en la fuga de memoria de los productos afectados y en una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"id": "CVE-2017-15349",
"lastModified": "2024-11-21T03:14:31.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T16:29:01.203",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-29 20:15
Modified
2024-11-21 05:11
Severity ?
Summary
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r019c00 | |
| huawei | cloudengine_12800_firmware | v200r019c00spc600 | |
| huawei | cloudengine_12800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_12800_firmware | v200r019c10 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9321AE-DC09-4878-8905-46AE93E8474B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6B58912A-A28B-467E-B109-A694194E4F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2796CF7B-5EF3-451E-97EC-D8B885739969",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100."
},
{
"lang": "es",
"value": "Hay una vulnerabilidad denegaci\u00f3n de servicio en algunos productos Huawei. Debido a una administraci\u00f3n inapropiada de la memoria, pueden producirse fugas de memoria en algunos casos especiales. Los atacantes pueden llevar a cabo una serie de operaciones para explotar esta vulnerabilidad. Una explotaci\u00f3n con \u00e9xito puede causar una denegaci\u00f3n de servicio. Las versiones de productos afectados incluyen: CloudEngine 12800 versi\u00f3n V200R019C00SPC800; CloudEngine 5800 versi\u00f3n V200R019C00SPC800; CloudEngine 6800 versi\u00f3n V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versi\u00f3n V200R019C00SPC800; NE40E versi\u00f3n V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versi\u00f3n V800R011C00SPC200, V800R011C10SPC100; NE40E-M versi\u00f3n V800R011C00SPC200, V800R011C10SPC100."
}
],
"id": "CVE-2020-1870",
"lastModified": "2024-11-21T05:11:30.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-29T20:15:11.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-29 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r005c20spc800 | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en algunas versiones del producto Huawei CloudEngine.\u0026#xa0;Un m\u00f3dulo no se ocupa apropiadamente de un mensaje espec\u00edfico.\u0026#xa0;Unos atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de paquetes maliciosos.\u0026#xa0;Esto puede conllevar a una denegaci\u00f3n del servicio"
}
],
"id": "CVE-2020-9094",
"lastModified": "2024-11-21T05:40:00.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-29T18:15:13.183",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-24 16:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "2601F8EC-A011-4614-80CA-3A01D80D9B7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B76265-8C33-43A6-AAA7-7521B95F1C57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "542A16DF-B995-417E-AE19-DFF9CC499D7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "512A374E-09BE-4ACD-9F87-C1752C882778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de privilegios en algunas versiones de CloudEngine 12800, CloudEngine 5800, CloudEngine 6800 y CloudEngine 7800. Debido a una comprobaci\u00f3n insuficiente de la entrada, un atacante local con privilegios elevados puede ejecutar algunos scripts especialmente dise\u00f1ados en los productos afectados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una escalada de privilegios"
}
],
"id": "CVE-2020-9137",
"lastModified": "2024-11-21T05:40:06.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-24T16:15:16.037",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-02-privilege-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 01:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_12800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_5800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_6800_firmware | v200r005c20spc800 | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_7800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de uso de memoria previamente liberada (UAF) en los productos de Huawei. Un atacante puede dise\u00f1ar paquetes espec\u00edficos para explotar esta vulnerabilidad. Una explotaci\u00f3n con \u00e9xito puede causar el servicio anormal. Las versiones de producto afectadas son: CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800"
}
],
"id": "CVE-2021-37122",
"lastModified": "2024-11-21T06:14:41.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.597",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-29 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r005c20spc800 | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de autenticaci\u00f3n inapropiada en algunas versiones del producto Huawei CloudEngine.\u0026#xa0;Un m\u00f3dulo no verifica apropiadamente el archivo de entrada.\u0026#xa0;Unos atacantes pueden explotar esta vulnerabilidad al dise\u00f1ar archivos maliciosos para omitir el mecanismo de verificaci\u00f3n actual.\u0026#xa0;Esto puede comprometer el servicio normal"
}
],
"id": "CVE-2020-9207",
"lastModified": "2024-11-21T05:40:10.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-29T18:15:13.337",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-23 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio en algunos productos de Huawei. En determinados escenarios, debido al manejo inapropiado de los paquetes, un atacante puede dise\u00f1ar el paquete espec\u00edfico. Una explotaci\u00f3n con \u00e9xito puede causar algunos servicios anormales. Las versiones afectadas del producto incluyen: CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800."
}
],
"id": "CVE-2021-22328",
"lastModified": "2024-11-21T05:49:55.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-23T20:15:13.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-13 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_7800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_7800 | - | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_5800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_12800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_12800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de filtrado de memoria en CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 y CloudEngine 7800 V200R019C00SPC800. El software no rastrea y libera suficientemente la memoria asignada mientras analiza una serie de mensajes binarios elaborados, lo que podr\u00eda consumir la memoria restante. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar el agotamiento de la memoria"
}
],
"id": "CVE-2021-40008",
"lastModified": "2024-11-21T06:23:22.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-13T16:15:09.923",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-22 19:29
Modified
2024-11-21 03:33
Severity ?
Summary
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en | Issue Tracking, Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ac6005_firmware:v200r006c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "CC214387-5475-4906-9DB0-37904F155D3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ac6005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3681DA94-7184-4DC6-BD73-FCE2DB808F07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ac6605_firmware:v200r006c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "27E1DFD0-E93F-4603-A0BD-0A9BB47FEF83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ac6605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E5AE5-EBB2-4E05-A3C7-E2CA54205FF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c10cp0582t:*:*:*:*:*:*:*",
"matchCriteriaId": "1C83A896-DBC0-4BF1-8FE8-1A69229C0AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c10hp0581t:*:*:*:*:*:*:*",
"matchCriteriaId": "50006839-F220-4076-A90C-3DC021E318E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c20spc026t:*:*:*:*:*:*:*",
"matchCriteriaId": "FC958A4F-DE8B-452C-B8BB-F905E8FCE81B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r005c20spc026t:*:*:*:*:*:*:*",
"matchCriteriaId": "B375CF5B-F667-4C55-A0FA-A3341D07DC10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20spc026t:*:*:*:*:*:*:*",
"matchCriteriaId": "41B21485-192C-43E2-9F3A-26248F6EE3D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB5929-1526-4910-BE22-07FCDDA06D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4492E892-7BE5-413A-AD53-2D39BD6626F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1573B4A5-A78B-4A17-8E1B-673A11D18221",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C42246DF-E736-4D98-AF73-3F5B731485D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "CD5BEF58-456D-4983-B1CA-A53CE5C4E24E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "374AD269-B0F4-4534-ABAC-D08343B2CE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B0FFE8C7-6E03-45ED-A581-779C75A5C432",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "397A2479-E943-401D-80AA-CD647E4AD451",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:e600_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FE665712-0AF8-4671-9C3B-E2361B67A115",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:e600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "021DF9A0-E7A9-4BB4-B8FA-49702D5F9E17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D81469B-EC6C-493D-B632-4DF821A1F304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "293C2F9D-AD5B-4BEA-AA5F-42867723A3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v100r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF14270-0AB9-425D-BB3C-53580F0E9568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37009595-4D24-4679-93B7-3DCB6812E904",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D875DDE-A38C-4C96-BE75-1CC5EAB7127B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D7CB90-6F2C-4012-8E57-F3B85F9D09C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c03:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFF6D05-BC82-4943-9D79-95CBEDD5CD2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c05:*:*:*:*:*:*:*",
"matchCriteriaId": "0B863F3A-38C5-4E36-8E71-713B12EE6889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6CC00C-1056-426B-9828-1A886F2C8D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "2EEB211D-DF38-446D-8188-A1BA2B5055EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "F72A58FB-F7F5-4A4E-9B6A-F58A81B95040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C82DA6-8D95-45D2-B54C-CFE1AA9CC1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "84857AE5-BCD7-4CD7-B1E0-EED6160189DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA81D41-E5C2-4788-A8EF-634B6273C454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "C47744E0-DAA5-41F5-8983-76457145029C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1F982369-1A22-4F39-90AD-ABB824845774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "79FA2FDA-DB2D-47D9-8017-0E5D4EC8D620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A40EFA43-E71F-464D-829C-8D4C60A57765",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17566603-275F-4E6B-B5D9-4A716EEC03DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "39637990-2BCB-4429-B9FF-E24305D689B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "02401EA6-28B6-4424-B182-C20CD081FFD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v100r006c03:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA85312-3C8F-4F1F-8138-1A091C453193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v100r006c05:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7D9357-D179-4B24-A073-17BA09AEC7E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9888DCAA-118C-4091-8425-8FBEE3AAABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "35D75511-AFE2-4F56-BD35-38196442B369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3B89B7-1EA4-4597-BE48-67D0F79DB482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AED7DFC5-846F-4F90-91A8-13E9E805C9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBB2862-B8A8-4723-AB8C-2F703204B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A7075-264D-4AD7-92AE-10EADC4F2CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA1D0A3-F955-4E7A-B52C-E9B483FB87DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0090CFFF-364F-436E-AA48-4AF6DCE852CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5A65B0-66CC-456D-B356-FBF4B24E2EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c01:*:*:*:*:*:*:*",
"matchCriteriaId": "03E13B90-A465-4FBB-9D40-8EE380EB6CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD6E677-2031-4AC4-A5FE-DED60F789127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BAE79D-445C-4234-B520-A00073750161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD118E1-317E-4903-A4D0-51EBCFA58C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FD601FFF-E623-4ADC-B286-D11B8004D7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5A6744-9B7F-4FF4-BE1B-AB6E6249ECE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA51B28-0130-4643-B45D-F2A74A08C9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5EAEF900-7C8C-4569-B74B-A802F951CC47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "58C2E728-E8F2-461D-A069-4BEC88B94FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6B13D4-07F3-4CB5-8194-89781E685A78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5454BC21-A04F-4B3D-8533-2414B6E1BC8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "45C60179-9ADC-4C50-8973-0767F295A963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D3E8A8-0D1E-40E7-8F94-81BACD476750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v100r006c01:*:*:*:*:*:*:*",
"matchCriteriaId": "4F89C2BA-E029-4D8E-93FB-F72322B21450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "336AA440-AEF4-482B-A037-8976DC38BA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "228D261C-DB88-4AEE-91D3-772DD28E4CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2DE9FE-5EC9-462E-86F0-EE772C944DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4907FBB8-5157-460D-9240-DD7D610C0FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "2898D6C5-77AB-4C1F-8134-B2DBD13EDB81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "914C959A-3A3B-4B9C-BEF6-9EE129042C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6B86F2-833E-4F41-A310-FC75A21D8241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7A680CFA-9C46-453D-A5BC-8ED1EBD45C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEA87EC-B795-41BB-AC08-2E2F4D77BEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B67169-BF28-4493-89E9-9AAB895D9456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5C330A14-C941-4B28-AA9C-B78A96A9011D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "A73AC184-24AF-4DE8-BDFC-D646475C21F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "3F94C9F0-CBB9-4F5C-8D5C-8DD1B420C0BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C6818ECD-730B-40D6-9108-B8540CC4BF1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "939C73D9-E0E9-47A5-970E-6C84F5ECD2D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ECAC9C-B545-4DA7-9DC7-6B661B3465BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7B7285-F4C6-415C-A948-D7612750A77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD40F46-5E04-43F0-A2DB-0ACBEC92C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6DC0AF-017E-41BC-A19D-F9AA055F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD08A9D-8391-4F67-A61B-D80950079CE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC63F52-B7FE-4F43-9A70-ECB2D3621195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD4718F-473A-490E-8DFC-6A09FECDDD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4AF711-D921-4261-A459-2A0780EA951F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C306E48F-EE09-4C7D-9084-484245A1A9F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D8061AC8-1A89-4D3D-A95A-305EE65900A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D3EAD-1EB3-4C62-80BA-4C9C3CE0408C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "65902ABB-3EF2-4C8B-BAC1-84BC585019BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D75B012-A57D-4C6D-AB26-51D2ECC02F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DFF0C0-AA17-4AA1-A418-4759D1A58852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D84F05D5-BA7D-485B-91C2-273349335CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4E180AC6-B8CA-4733-82A1-8BA7D0B0B683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "937381A6-259E-4FC3-837D-686ECCB4957F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C2351-2403-4259-9113-031DD4AE39BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6E38DC13-7D02-4C04-9569-FC6365A06F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F37BC5-3B25-4E30-A1CA-5ACFA46119B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EC83D96A-728C-40C1-97F5-BE079A39D724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "473B6E52-E60F-4D3C-9028-E362DF2A8327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2632DC1D-0CB9-4493-9270-436139C88623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8AE44D-1924-4C01-B4B9-CC5BF485A3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "886E9D1F-25FA-41FA-A64B-E42B9910D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7DB9D3-BB34-49BE-8302-A054D79FE8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACAD052-796D-428E-95B1-65099952B773",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F0B3D-1923-42C3-A3DB-03D11BE059D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB6ED15-477B-4BB5-AA94-0D7897FBD962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "06AD9ACA-E0C3-4096-BE50-94E717CDA318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "325D6523-A07A-48D4-AD44-CF838BD77432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A638ACAF-9A6F-4861-8CDB-E43FBC3C9C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
},
{
"lang": "es",
"value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 con software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 con software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 con software V100R006C00, V200R001C00,E600 V200R008C00,S12700 con software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 con software V100R006C00, V100R007C00, V200R006C00,S2300 con software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 con software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 con software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 con software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 con software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 con software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 con software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 con software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 con software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 y Secospace USG6600 V500R001C00SPC050 tienen una vulnerabilidad MaxAge LSA debido a una implementaci\u00f3n OSPF incorrecta. Cuando el dispositivo recibe paquetes LSA especiales, la propiedad age del LS (Link Status) ser\u00eda igual al de MaxAge, 3600 segundos. Un atacante podr\u00eda explotar esta vulnerabilidad para envenenar la tabla de rutas y lanzar un ataque de denegaci\u00f3n de servicio (Dos)."
}
],
"id": "CVE-2017-8147",
"lastModified": "2024-11-21T03:33:24.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-22T19:29:03.257",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-31 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r019c10spc800 | |
| huawei | cloudengine_12800_firmware | v200r019c10spc900 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r019c10spc800 | |
| huawei | cloudengine_5800_firmware | v200r020c00spc600 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r019c10spc800 | |
| huawei | cloudengine_6800_firmware | v200r019c10spc900 | |
| huawei | cloudengine_6800_firmware | v200r020c00spc600 | |
| huawei | cloudengine_6800_firmware | v300r020c00spc200 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r019c10spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "2601F8EC-A011-4614-80CA-3A01D80D9B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc900:*:*:*:*:*:*:*",
"matchCriteriaId": "D98CADEE-368B-48D8-A4BE-E52FD0D41B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B76265-8C33-43A6-AAA7-7521B95F1C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r020c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "028B5AE9-D6E2-433A-87AB-B0CEDB521766",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "542A16DF-B995-417E-AE19-DFF9CC499D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc900:*:*:*:*:*:*:*",
"matchCriteriaId": "54CC8EC4-24B8-4373-BD33-59BF3ECAFE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r020c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B4877378-7D87-4912-9C2A-52AC099C7C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v300r020c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "30DA3AD0-4A32-495D-A890-40B38BEB1567",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "512A374E-09BE-4ACD-9F87-C1752C882778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de puntero no v\u00e1lido en algunos productos de Huawei, una explotaci\u00f3n con \u00e9xito puede causar que el proceso y el servicio sean anormales. Las versiones de producto afectadas incluyen: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versiones V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800"
}
],
"id": "CVE-2021-40042",
"lastModified": "2024-11-21T06:23:26.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-31T16:15:09.970",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-763"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-17 23:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de filtrado de informaci\u00f3n en algunos productos de Huawei, y podr\u00eda permitir a un atacante local obtener informaci\u00f3n. La vulnerabilidad es debido a una administraci\u00f3n inapropiada del nombre de usuario. Un atacante con la capacidad de acceder al dispositivo y causar el filtrado de informaci\u00f3n del nombre de usuario. Las versiones de productos afectados incluyen: CloudEngine 12800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versiones V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
}
],
"id": "CVE-2020-9102",
"lastModified": "2024-11-21T05:40:02.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-17T23:15:11.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 03:00
Severity ?
Summary
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en | Vendor Advisory | |
| psirt@huawei.com | http://www.securityfocus.com/bid/94618 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94618 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_6800_firmware | v100r006c00 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v100r006c00 | |
| huawei | cloudengine_7800 | - | |
| huawei | cloudengine_8800_firmware | v100r006c00 | |
| huawei | cloudengine_8800 | - | |
| huawei | cloudengine_12800_firmware | v100r006c00 | |
| huawei | cloudengine_12800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition."
},
{
"lang": "es",
"value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00 y CloudEngine 12800 V100R006C00 permiten a atacantes remotos con permiso especifico almacenar archivos masivos para agotar el espacio de almacenamiento compartido, dirigiendo a una condici\u00f3n DoS."
}
],
"id": "CVE-2016-8780",
"lastModified": "2024-11-21T03:00:03.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:01.563",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94618"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-31 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_5800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_6800_firmware | v200r005c20spc800 | |
| huawei | cloudengine_6800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_7800_firmware | v200r019c00spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de exposici\u00f3n de informaci\u00f3n en varios productos de Huawei. La vulnerabilidad es debido a que el software no protege apropiadamente de terminada informaci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una divulgaci\u00f3n de informaci\u00f3n. Las versiones de producto afectadas son: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800"
}
],
"id": "CVE-2021-40033",
"lastModified": "2024-11-21T06:23:25.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-31T16:15:09.923",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-28 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_12800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_12800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_12800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_12800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_12800 | - | |
| huawei | cloudengine_5800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_5800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_5800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_5800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_6800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_6800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_6800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v200r002c50spc800 | |
| huawei | cloudengine_7800_firmware | v200r003c00spc810 | |
| huawei | cloudengine_7800_firmware | v200r005c00spc800 | |
| huawei | cloudengine_7800_firmware | v200r005c10spc800 | |
| huawei | cloudengine_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*",
"matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*",
"matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de puntero doble liberaci\u00f3n en algunas versiones de CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 y CloudEngine 12800. Cuando es llamada una funci\u00f3n, el mismo puntero de memoria es copiada en dos m\u00f3dulos funcionales.\u0026#xa0;Unos atacantes pueden explotar esta vulnerabilidad al llevar a cabo una operaci\u00f3n maliciosa para causar el puntero doblemente liberado.\u0026#xa0;Esto puede conllevar a un bloqueo del m\u00f3dulo, comprometiendo el servicio normal"
}
],
"id": "CVE-2021-22332",
"lastModified": "2024-11-21T05:49:55.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-28T13:15:08.277",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-doublefree-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 03:00
Severity ?
Summary
Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en | Vendor Advisory | |
| psirt@huawei.com | http://www.securityfocus.com/bid/94504 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94504 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8C57488D-7016-4C14-AD78-69179E09200F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "061D3731-37D1-40A9-BE2B-7C43CADC3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A36C33CD-94CF-4838-9800-5E4B93BA0550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C42246DF-E736-4D98-AF73-3F5B731485D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3752F8-78AB-43C9-B499-B3E2031BB29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "562FD9D7-ED38-4209-AAEE-6A51292661CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB5929-1526-4910-BE22-07FCDDA06D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "374AD269-B0F4-4534-ABAC-D08343B2CE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5D868B-B2F8-4C25-8134-5ED8758AFB90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset."
},
{
"lang": "es",
"value": "Huawei CloudEngine 12800 con software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 con software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 con software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 con software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 con software V100R006C00; y Secospace USG6600 con software V500R001C00 permiten a atacantes remotos no autenticados manipular paquetes IPFPM espec\u00edficos para desencadenar un desbordamiento de entero y provocar el restablecimiento del dispositivo."
}
],
"id": "CVE-2016-8795",
"lastModified": "2024-11-21T03:00:05.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:01.797",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94504"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 03:00
Severity ?
Summary
Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en | Vendor Advisory | |
| psirt@huawei.com | http://www.securityfocus.com/bid/94402 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94402 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudengine_5800_firmware | v100r003c10 | |
| huawei | cloudengine_5800_firmware | v100r005c00 | |
| huawei | cloudengine_5800_firmware | v100r005c10 | |
| huawei | cloudengine_5800_firmware | v100r006c00 | |
| huawei | cloudengine_5800 | - | |
| huawei | cloudengine_6800_firmware | v100r003c10 | |
| huawei | cloudengine_6800_firmware | v100r005c00 | |
| huawei | cloudengine_6800_firmware | v100r005c10 | |
| huawei | cloudengine_6800_firmware | v100r006c00 | |
| huawei | cloudengine_6800 | - | |
| huawei | cloudengine_7800_firmware | v100r003c10 | |
| huawei | cloudengine_7800_firmware | v100r005c00 | |
| huawei | cloudengine_7800_firmware | v100r005c10 | |
| huawei | cloudengine_7800_firmware | v100r006c00 | |
| huawei | cloudengine_7800 | - | |
| huawei | cloudengine_8800_firmware | v100r006c00 | |
| huawei | cloudengine_8800 | - | |
| huawei | cloudengine_12800_firmware | v100r003c10 | |
| huawei | cloudengine_12800_firmware | v100r005c00 | |
| huawei | cloudengine_12800_firmware | v100r005c10 | |
| huawei | cloudengine_12800_firmware | v100r006c00 | |
| huawei | cloudengine_12800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "061D3731-37D1-40A9-BE2B-7C43CADC3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3752F8-78AB-43C9-B499-B3E2031BB29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5D868B-B2F8-4C25-8134-5ED8758AFB90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
},
{
"lang": "es",
"value": "Huawei CloudEngine 5800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 6800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 7800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 8800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 12800 con software en versiones anteriores a V200R001C00SPC700 podr\u00eda permitir al atacante explotar una vulnerabilidad de desbordamiento de b\u00fafer enviando paquetes manipulados al sistema afectado para provocar un reinicio del panel de control principal."
}
],
"id": "CVE-2016-8790",
"lastModified": "2024-11-21T03:00:04.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:01.640",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94402"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}