Search criteria
108 vulnerabilities found for s6700_firmware by huawei
FKIE_CVE-2021-37129
Vulnerability from fkie_nvd - Published: 2021-10-27 01:15 - Updated: 2024-11-21 06:14
Severity ?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A91B37BC-F4FD-499A-918E-6396251A0F5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEB99CA-7B73-4633-9F9C-9AF54B0A43FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "975CEC1E-D82C-45AD-B920-80961221C0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9824CC2-7B77-4FD7-9509-49FA0D94AF4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0442199D-AF21-44E8-B604-7D64129FD25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ED767D-2826-4ECD-8C59-B688AC54B0CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "A630BDAD-C254-4107-9593-1E9FB415C138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D63D0-072D-4E44-B254-491974603C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*",
"matchCriteriaId": "913DDCCC-0A91-458D-8A74-E4B9E9A71EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCC64B5-1BB4-4A4B-983F-D1D986CA506E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32CA1299-EA8A-4A24-96AA-DC3C5C3B9701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "20386C76-4480-47ED-99AD-7ADBE41C3364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "4676DA03-36A6-40B1-BA74-75260083D10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4217C-0FBB-46BC-B108-F53A2AF259E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "744381A0-4E85-4F0C-881B-DF2F7E1DB186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6D60424B-15CE-415E-8E6C-34E5DC52E6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "46FDAD12-710C-4FE1-950F-B57810649C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "F402F7DA-6BDF-4C53-B33B-3D8FE1B14506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "238025D5-0E08-4708-BA6D-6E6560814525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE1FCE-5E38-4436-96B9-57DE026BDE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0768-EE4C-408B-8FDD-87CBC4970688",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8030D59B-D7AC-4155-B23C-0E77603F9DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D191A-1496-4A38-BD9B-4222A9CA31BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B4342AD2-7764-4447-9341-78DF30E20416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "37C57D09-618F-44B0-86A8-5BAC25CA486F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "CD82D614-9515-4A9C-B96A-2614DDADEB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B45A35D3-D5CE-40F1-ABC2-9A9E6FA8FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "234ED4C3-67B4-4B0E-8EA1-9A70CAAD2BCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "31F8A14F-8956-493C-8062-EAB872AD0420",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei. La vulnerabilidad est\u00e1 causada por una funci\u00f3n de un m\u00f3dulo que no verifica correctamente el par\u00e1metro input. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una escritura fuera de l\u00edmites conllevando a una condici\u00f3n de denegaci\u00f3n de servicio. Las versiones de producto afectadas incluyen: M\u00f3dulo IPS V500R005C00,V500R005C20;M\u00f3dulo NGFW V500R005C00;NIP6600 V500R005C00,V500R005C20; S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10; S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20"
}
],
"id": "CVE-2021-37129",
"lastModified": "2024-11-21T06:14:42.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.763",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22357
Vulnerability from fkie_nvd - Published: 2021-08-23 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s12700_firmware | v200r013c00spc500 | |
| huawei | s12700_firmware | v200r019c00spc500 | |
| huawei | s12700 | - | |
| huawei | s5700_firmware | v200r013c00spc500 | |
| huawei | s5700_firmware | v200r019c00spc500 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r013c00spc500 | |
| huawei | s6700_firmware | v200r019c00spc500 | |
| huawei | s6700 | - | |
| huawei | s7700_firmware | v200r013c00spc500 | |
| huawei | s7700_firmware | v200r019c00spc500 | |
| huawei | s7700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4D9F10-C71A-4C22-9A1A-3DDFD363E42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "698F9215-4B2C-4A35-9860-3C6591267EEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32203724-9D88-4585-ABB5-78D474273794",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "7185BACA-36F6-4B45-9E06-DEA98D31A2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "613E1109-B921-4477-893D-179C1D1A6008",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio en los productos de Huawei. Un m\u00f3dulo no puede tratar mensajes espec\u00edficos debido a un comprobaci\u00f3n de entradas insuficiente. Unos atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de mensajes espec\u00edficos al m\u00f3dulo afectado. Esto puede causar una denegaci\u00f3n de servicio. Las versiones afectadas del producto incluyen: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
}
],
"id": "CVE-2021-22357",
"lastModified": "2024-11-21T05:49:58.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-23T20:15:14.197",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22329
Vulnerability from fkie_nvd - Published: 2021-06-29 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en la administraci\u00f3n de licencias en algunos productos de Huawei. Un atacante con altos privilegios necesita llevar a cabo operaciones espec\u00edficas para explotar la vulnerabilidad en el dispositivo afectado. Debido a la administraci\u00f3n inapropiada de la licencia del dispositivo, como resultado, el archivo de licencia se puede aplicar y afectar a la integridad del dispositivo. Las versiones de producto afectadas son: S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10; S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100; S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10; S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
],
"id": "CVE-2021-22329",
"lastModified": "2024-11-21T05:49:55.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-29T20:15:08.083",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22377
Vulnerability from fkie_nvd - Published: 2021-06-22 19:15 - Updated: 2024-11-21 05:50
Severity ?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s12700_firmware | v200r019c00spc500 | |
| huawei | s12700 | - | |
| huawei | s2700_firmware | v200r019c00spc500 | |
| huawei | s2700 | - | |
| huawei | s5700_firmware | v200r019c00spc500 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r019c00spc500 | |
| huawei | s6700 | - | |
| huawei | s7700_firmware | v200r019c00spc500 | |
| huawei | s7700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "547FFF0C-A572-40C6-849B-8FBEEF551062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32203724-9D88-4585-ABB5-78D474273794",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "613E1109-B921-4477-893D-179C1D1A6008",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comandos en S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 y S7700 V200R019C00SPC500. Un m\u00f3dulo no comprueba suficientemente la entrada espec\u00edfica. Los atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de par\u00e1metros maliciosos para inyectar el comando. Esto puede comprometer el servicio normal"
}
],
"id": "CVE-2021-22377",
"lastModified": "2024-11-21T05:50:00.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T19:15:07.953",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22359
Vulnerability from fkie_nvd - Published: 2021-05-27 13:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s5700_firmware | v200r005c00spc500 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r005c00spc500 | |
| huawei | s6700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio en las versiones V200R005C00SPC500 de S5700 y V200R005C00SPC500 del dispositivo S6700.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje espec\u00edfico hacia un dispositivo objetivo.\u0026#xa0;Debido a una comprobaci\u00f3n de entrada insuficiente. Una explotaci\u00f3n con \u00e9xito puede causar que el servicio sea anormal"
}
],
"id": "CVE-2021-22359",
"lastModified": "2024-11-21T05:49:58.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-27T13:15:07.897",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22321
Vulnerability from fkie_nvd - Published: 2021-03-22 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0A91097D-76DB-4E5D-B520-6BF22E73BEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "D085F205-5C80-4A34-89A9-54F9FB8F2F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "74B7C57C-7CD4-4FF0-BE51-2F4794FED7AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en un producto de Huawei.\u0026#xa0;Un m\u00f3dulo no puede tratar operaciones espec\u00edficas en escenarios especiales.\u0026#xa0;Los atacantes pueden explotar esta vulnerabilidad al realizar operaciones maliciosas.\u0026#xa0;Esto puede causar un uso de la memoria previamente liberada, comprometiendo el servicio normal.\u0026#xa0;Los productos afectados incluyen algunas versiones de NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700, S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 y USG9500"
}
],
"id": "CVE-2021-22321",
"lastModified": "2024-11-21T05:49:54.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-22T20:15:17.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1866
Vulnerability from fkie_nvd - Published: 2021-01-13 23:15 - Updated: 2024-11-21 05:11
Severity ?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | nip6800_firmware | v500r001c30 | |
| huawei | nip6800_firmware | v500r001c60spc500 | |
| huawei | nip6800_firmware | v500r005c00 | |
| huawei | nip6800 | - | |
| huawei | s12700_firmware | v200r008c00 | |
| huawei | s12700 | - | |
| huawei | s2700_firmware | v200r008c00 | |
| huawei | s2700 | - | |
| huawei | s5700_firmware | v200r008c00 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r008c00 | |
| huawei | s6700 | - | |
| huawei | s7700_firmware | v200r008c00 | |
| huawei | s7700 | - | |
| huawei | s9700_firmware | v200r008c00 | |
| huawei | s9700 | - | |
| huawei | secospace_usg6600_firmware | v500r001c30spc200 | |
| huawei | secospace_usg6600_firmware | v500r001c30spc600 | |
| huawei | secospace_usg6600_firmware | v500r001c60spc500 | |
| huawei | secospace_usg6600_firmware | v500r005c00 | |
| huawei | secospace_usg6600 | - | |
| huawei | usg9500_firmware | v500r001c30spc300 | |
| huawei | usg9500_firmware | v500r001c30spc600 | |
| huawei | usg9500_firmware | v500r001c60spc500 | |
| huawei | usg9500_firmware | v500r005c00 | |
| huawei | usg9500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0C986370-A4E1-4EA0-BA3E-122F4D16D3F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en varios productos.\u0026#xa0;El software lee los datos m\u00e1s all\u00e1 del final del b\u00fafer previsto cuando se analizan determinados mensajes DHCP dise\u00f1ados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda causar un servicio anormal.\u0026#xa0;versiones afectadas de productos incluyen: NIP6800 versiones V500R001C30, V500R001C30,V500R001C60; SPC500 versiones V500R005C00; S12700 versiones V200R008C00; S2700 versiones V200R008C00; S5700 versiones V200R008C00; S6700 versiones V200R008C00; S7700 versiones V200R008C00; S9700 versiones V200R008C00; Secospace USG6600 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC300 versiones V500R001C30; SPC600 versiones V500R001C60 y SPC500 versiones V500R005C00"
}
],
"id": "CVE-2020-1866",
"lastModified": "2024-11-21T05:11:30.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T23:15:13.367",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1810
Vulnerability from fkie_nvd - Published: 2020-01-09 18:15 - Updated: 2024-11-21 05:11
Severity ?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8CAD1A04-54E8-4F24-A018-140F9FBD0562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1E813D-57B1-449A-9513-3AFB083E116A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "9D33A009-B3C9-4894-9426-D51E5D82A189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "417BF51F-E61F-44C3-B479-102DFB3E9233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10hp0001:*:*:*:*:*:*:*",
"matchCriteriaId": "7386FB64-0713-424B-A755-D1CABB877817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4B8058-BEC1-4978-B12F-A526879FB7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "02DB167B-D9CE-439C-8840-525E1A4BB079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4492E892-7BE5-413A-AD53-2D39BD6626F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7B1A3E-5D5A-4E3A-89F1-73DA7FF0F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC0FC04-05F0-4591-89EF-4E54D9A3ED8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B7353CA0-9073-4EBD-B2FF-6FAD43274E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "433BD50B-C8A5-4F0B-8905-18131C9FD364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F56ADA0A-B3B1-4B6C-9800-EB28B61E3F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "53A7B27E-CA45-44B7-9BE1-5B11D69BDDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A24F24-F960-4F0F-A553-3C7EAE5C13E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF2F7D0-8A62-4B9B-9551-749178FEA120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDCF4CA-48CF-4AEC-B3EC-7CD9EF9E3DA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de algoritmo d\u00e9bil en algunos productos Huawei. Los productos afectados utilizan el algoritmo RSA en el algoritmo de intercambio de claves SSL que se ha considerado como un algoritmo d\u00e9bil. Los atacantes pueden explotar esta vulnerabilidad para filtrar cierta informaci\u00f3n."
}
],
"id": "CVE-2020-1810",
"lastModified": "2024-11-21T05:11:25.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-09T18:15:10.593",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5304
Vulnerability from fkie_nvd - Published: 2020-01-03 15:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "79DA91B4-77A6-4A37-8799-5E548184D49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE26C9-C434-4EFB-A1E6-64563BFAA389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFC3539-5078-4E8E-AA32-F81945EB12FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8934C1-9162-4C52-A0FC-6B2914E93304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "C623D44E-463B-49A3-81F8-AD219E035B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "75E27982-56E6-4A6F-9124-34C7420FDDE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "1426C52B-72BB-4EA3-ABF6-ED14B13404B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC1D978-9DA1-4165-A66C-2D274B188C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "DF226F5B-7BF8-4475-8C0C-91E2E43C6E53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DBE3C-873E-4620-B438-3187054EBD6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFC3878-5A1D-4846-B4F9-3D1FC1DBCF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6B64AE02-D345-4628-A086-7C63C255707C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "B1868FD9-8FC3-4051-8F22-F2BDF48854A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "4403DAD1-90B3-44EC-8A34-64D6E321170B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC8C3E-420F-49D1-9E58-98E4E23A024F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "787AC5E3-CE88-491D-8211-BAB11112019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "868602DB-D063-4BE4-A02B-936433CD8231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "C194C888-308D-4301-A277-598AD954010E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "372E2136-95CE-4833-B4AF-306F0807BA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A685289C-08B1-43D4-9970-84A7FC75E54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "2D609298-9ACE-4726-AD04-6765D8F2C374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "798A67F0-A357-48AC-97FB-D1EA03B932D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "629DF7DD-4900-41CB-B257-7DE20A9B9DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "344D64D1-A9B3-4BFA-ACF3-B421ED427A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED9DF8-A444-4684-932D-12B4B2F98736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BFABDC-1D81-4FA0-BA60-E3AC9680941F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "17586781-04AB-4285-BCA2-5DB13B8D94E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2EC4F9-EB14-4628-9F89-34168BBD6A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "C736642A-6B32-458B-AF12-FD45534BEA60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "7E941177-EB4C-4EFB-930C-D2205A94D828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "36DE9947-C096-4B7F-8F3E-748DEFC677C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A7DDB3-4A2B-46A5-B952-F0FECF88373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C5B4A6-CB18-4481-A5A2-EE9ABC82D89D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A20ED1-7138-4FD0-BA2B-637D41739603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B897F931-00B2-4FDF-90CE-5077416E42BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "3409C0D7-74AF-46AD-9E93-9D1F187C291F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "C7653DC1-2293-4420-BC2A-2DC0FF2210E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3C10C07E-5194-4EAB-9AC8-DB87CE52F5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D0F6C6-5A87-482B-8B2A-693AC7736CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70804-3A07-4C82-806B-5F5CA075ABF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6E52BCED-46D1-4ED9-9A8A-41AA4B88A1AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "52BBC28A-2A50-402F-B3CA-03718789F503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C53E6-0A9E-4F10-8BE6-0B4BC7123416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8E1096-F070-4CE9-B2B4-6368890706A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "1856722C-597D-495D-AFCC-21E5FF6F2359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC040A6-3E38-4B21-9779-67CF66FDC6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A321DABC-2B17-4B32-AF63-944476C0E68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7A0E2C-8383-443D-8625-77CBC53D2140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6F719A3F-2EEE-470B-B42B-0E4B7C7CBD89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "DA500A69-F8E4-46A8-9B46-F318F9110C3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "F75C6A63-E42C-4D42-9E66-F561D9B67D8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "DE6E21C6-B5EF-4879-A5D6-4C63276B2EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "98DCADD0-8E0D-4241-AB94-32233C46790E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF1DFD2-5337-45CA-A1A9-2E6622536027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "9C655B04-5CAD-4BA0-AD0D-658DBDD36D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D578E607-CF83-4121-8AF9-EF1DBE5FE42F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "B1731F76-5FE7-4B09-8696-096D0C21CD79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "9C897138-887E-4CD9-B4D2-A8D5DAA851DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "D485D5E3-3819-4F3A-B841-ACB6253ACF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "140F2A04-2F59-4BD7-9FCE-E37E4FAAF5DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D672376C-4256-4CFB-A515-56E31A6706AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r003c01:*:*:*:*:*:*:*",
"matchCriteriaId": "83FEA92D-9EE0-4AE7-9BC6-563F1887BF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "202E709E-CC7D-44AF-A63F-30A6A738F5EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "309B9B0E-3639-4913-9DE4-9D4DAE6B0065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E497D97B-F044-4F9A-84B0-378978FBDC58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "43BAC724-4E88-4E3B-9F95-8086D68CADA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "315EE2BA-475E-4937-BD81-7CD79AA2E377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D44C6818-A25F-439C-873C-57CA6DFE4B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2F8FA9-D98F-4B2B-922F-B1A3D111253A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_antiddos8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE75ACF-D29C-4846-932D-FB9C84E1D35F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "11CAA59E-F2A8-4E84-BCC5-CADA8FDA9712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B3983A57-2F07-4D21-9093-1DFEAB310E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A638ACAF-9A6F-4861-8CDB-E43FBC3C9C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset."
},
{
"lang": "es",
"value": "Algunos productos de Huawei tienen una vulnerabilidad de error de b\u00fafer. Un atacante remoto no identificado podr\u00eda enviar mensajes MPLS Echo Request espec\u00edficos hacia los productos de destino. Debido a una insuficiente comprobaci\u00f3n de entrada de algunos par\u00e1metros en los mensajes, una explotaci\u00f3n con \u00e9xito puede causar que el dispositivo se reinicie."
}
],
"id": "CVE-2019-5304",
"lastModified": "2024-11-21T04:44:42.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-03T15:15:11.993",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5290
Vulnerability from fkie_nvd - Published: 2019-12-13 15:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s5700_firmware | v200r005c00spc500 | |
| huawei | s5700_firmware | v200r005c02 | |
| huawei | s5700_firmware | v200r005c03 | |
| huawei | s5700_firmware | v200r006c00spc100 | |
| huawei | s5700_firmware | v200r006c00spc300 | |
| huawei | s5700_firmware | v200r006c00spc500 | |
| huawei | s5700_firmware | v200r007c00spc100 | |
| huawei | s5700_firmware | v200r007c00spc500 | |
| huawei | s5700_firmware | v200r008c00 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r005c00spc500 | |
| huawei | s6700_firmware | v200r005c01 | |
| huawei | s6700_firmware | v200r005c02 | |
| huawei | s6700_firmware | v200r008c00 | |
| huawei | s6700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F56ADA0A-B3B1-4B6C-9800-EB28B61E3F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "53A7B27E-CA45-44B7-9BE1-5B11D69BDDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A24F24-F960-4F0F-A553-3C7EAE5C13E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF2F7D0-8A62-4B9B-9551-749178FEA120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDCF4CA-48CF-4AEC-B3EC-7CD9EF9E3DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal."
},
{
"lang": "es",
"value": "Los dispositivos Huawei S5700 y S6700 presentan una vulnerabilidad de seguridad de DoS. Los atacantes con determinados permisos llevan a cabo operaciones espec\u00edficas en los dispositivos afectados. Porque el puntero en el programa no es procesado apropiadamente, la vulnerabilidad puede ser explotada para causar que el dispositivo sea anormal."
}
],
"id": "CVE-2019-5290",
"lastModified": "2024-11-21T04:44:40.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-13T15:15:11.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-02-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-02-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5291
Vulnerability from fkie_nvd - Published: 2019-12-13 15:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "62C6C92D-7F31-49FB-BE40-035811FD69AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE26C9-C434-4EFB-A1E6-64563BFAA389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BF5F97-5504-4EA8-8052-36EB58EC8E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "75E27982-56E6-4A6F-9124-34C7420FDDE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC1D978-9DA1-4165-A66C-2D274B188C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "DF226F5B-7BF8-4475-8C0C-91E2E43C6E53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFC3878-5A1D-4846-B4F9-3D1FC1DBCF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "4403DAD1-90B3-44EC-8A34-64D6E321170B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC8C3E-420F-49D1-9E58-98E4E23A024F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "787AC5E3-CE88-491D-8211-BAB11112019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "C194C888-308D-4301-A277-598AD954010E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "372E2136-95CE-4833-B4AF-306F0807BA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "2D609298-9ACE-4726-AD04-6765D8F2C374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "629DF7DD-4900-41CB-B257-7DE20A9B9DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED9DF8-A444-4684-932D-12B4B2F98736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "17586781-04AB-4285-BCA2-5DB13B8D94E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "C736642A-6B32-458B-AF12-FD45534BEA60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "36DE9947-C096-4B7F-8F3E-748DEFC677C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A20ED1-7138-4FD0-BA2B-637D41739603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2BC38B-D016-4E83-A14E-FE8575135DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "3409C0D7-74AF-46AD-9E93-9D1F187C291F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3C10C07E-5194-4EAB-9AC8-DB87CE52F5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70804-3A07-4C82-806B-5F5CA075ABF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "52BBC28A-2A50-402F-B3CA-03718789F503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC0FC04-05F0-4591-89EF-4E54D9A3ED8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B7353CA0-9073-4EBD-B2FF-6FAD43274E3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A321DABC-2B17-4B32-AF63-944476C0E68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7A0E2C-8383-443D-8625-77CBC53D2140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6F719A3F-2EEE-470B-B42B-0E4B7C7CBD89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "F75C6A63-E42C-4D42-9E66-F561D9B67D8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4E07DB63-8FF2-4CBA-A418-59F24D6F005B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "98DCADD0-8E0D-4241-AB94-32233C46790E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF1DFD2-5337-45CA-A1A9-2E6622536027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D578E607-CF83-4121-8AF9-EF1DBE5FE42F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "9C897138-887E-4CD9-B4D2-A8D5DAA851DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "D485D5E3-3819-4F3A-B841-ACB6253ACF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D672376C-4256-4CFB-A515-56E31A6706AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "202E709E-CC7D-44AF-A63F-30A6A738F5EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "309B9B0E-3639-4913-9DE4-9D4DAE6B0065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "43BAC724-4E88-4E3B-9F95-8086D68CADA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal."
},
{
"lang": "es",
"value": "Algunos productos Huawei presentan una comprobaci\u00f3n insuficiente de una vulnerabilidad de autenticidad de datos. Un atacante remoto no autenticado tiene que interceptar paquetes espec\u00edficos entre dos dispositivos, modificar los paquetes y enviar los paquetes modificados hacia el dispositivo peer. Debido a la comprobaci\u00f3n insuficiente de algunos campos en los paquetes, un atacante puede explotar la vulnerabilidad para causar que el dispositivo objetivo sea anormal."
}
],
"id": "CVE-2019-5291",
"lastModified": "2024-11-21T04:44:41.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-13T15:15:11.457",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19397
Vulnerability from fkie_nvd - Published: 2019-12-13 15:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c20:*:*:*:*:*:*:*",
"matchCriteriaId": "985C07E4-1E27-4191-9FB8-4714A177479D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC385D3-E82B-454B-A131-971F3B830EC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC439F55-11AB-42D2-B891-C6C5D62FF5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r012c20:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C93E3-C155-47D2-A927-D4D4F17BA494",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1449504A-662C-403C-85AF-CCB5219CE976",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "17CDA635-A9E7-4678-8970-22DFC028BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r012c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3B80F5B3-147A-46E3-9306-70052511A6D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA68BF50-9118-445D-B778-E60812E67B98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D43F5AE6-A4CD-4C45-A8A4-D5B064FE7C27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1B299A06-5D99-43A8-ACF3-4D79174C536E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de algoritmo d\u00e9bil en algunos productos Huawei. Los productos afectados utilizan algoritmos d\u00e9biles por defecto. Los atacantes pueden explotar la vulnerabilidad para causar filtrados de informaci\u00f3n."
}
],
"id": "CVE-2019-19397",
"lastModified": "2024-11-21T04:34:43.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-13T15:15:11.113",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22357 (GCVE-0-2021-22357)
Vulnerability from cvelistv5 – Published: 2021-08-23 19:30 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S5700;S6700;S7700 |
Affected:
V200R013C00SPC500,V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R013C00SPC500,V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-23T19:30:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22357",
"datePublished": "2021-08-23T19:30:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22329 (GCVE-0-2021-22329)
Vulnerability from cvelistv5 – Published: 2021-06-29 19:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
Severity ?
No CVSS data available.
CWE
- Improper Licenses Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10
Affected: V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Licenses Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:05:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Licenses Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22329",
"datePublished": "2021-06-29T19:05:31",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22377 (GCVE-0-2021-22377)
Vulnerability from cvelistv5 – Published: 2021-06-22 18:10 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
Severity ?
No CVSS data available.
CWE
- Command Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S2700;S5700;S6700;S7700 |
Affected:
V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S2700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T18:10:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S2700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22377",
"datePublished": "2021-06-22T18:10:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22359 (GCVE-0-2021-22359)
Vulnerability from cvelistv5 – Published: 2021-05-27 12:40 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S5700;S6700 |
Affected:
V200R005C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S5700;S6700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T12:40:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S5700;S6700",
"version": {
"version_data": [
{
"version_value": "V200R005C00SPC500"
},
{
"version_value": "V200R005C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22359",
"datePublished": "2021-05-27T12:40:09",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22321 (GCVE-0-2021-22321)
Vulnerability from cvelistv5 – Published: 2021-03-22 19:03 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60
Affected: V500R001C30 Affected: V500R001C60 Affected: V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T19:03:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22321",
"datePublished": "2021-03-22T19:03:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1866 (GCVE-0-2020-1866)
Vulnerability from cvelistv5 – Published: 2021-01-13 22:22 – Updated: 2024-08-04 06:53
VLAI?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60SPC500,V500R005C00
Affected: V200R008C00 Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 Affected: V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:22:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1866",
"datePublished": "2021-01-13T22:22:04",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1810 (GCVE-0-2020-1810)
Vulnerability from cvelistv5 – Published: 2020-01-09 17:44 – Updated: 2024-08-04 06:46
VLAI?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.
Severity ?
No CVSS data available.
CWE
- Weak Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;S5700;S6700 |
Affected:
V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10
Affected: V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500 Affected: V200R005C00SPC500,V200R005C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;S5700;S6700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10"
},
{
"status": "affected",
"version": "V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500"
},
{
"status": "affected",
"version": "V200R005C00SPC500,V200R005C01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T23:00:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;S5700;S6700",
"version": {
"version_data": [
{
"version_value": "V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10"
},
{
"version_value": "V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500"
},
{
"version_value": "V200R005C00SPC500,V200R005C01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1810",
"datePublished": "2020-01-09T17:44:54",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5304 (GCVE-0-2019-5304)
Vulnerability from cvelistv5 – Published: 2020-01-03 14:33 – Updated: 2024-08-04 19:54
VLAI?
Summary
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
Severity ?
No CVSS data available.
CWE
- Buffer Error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C50 Affected: V200R003C01 Affected: V200R005C20 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R002C00 Affected: V200R005C00 Affected: V200R005C02 Affected: V200R005C03 Affected: V200R006C00 Affected: V200R008C00 Affected: V200R010C00 Affected: V200R011C00 Affected: V200R005C01 Affected: V500R001C60 Affected: V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C50"
},
{
"status": "affected",
"version": "V200R003C01"
},
{
"status": "affected",
"version": "V200R005C20"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V200R005C00"
},
{
"status": "affected",
"version": "V200R005C02"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R006C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R010C00"
},
{
"status": "affected",
"version": "V200R011C00"
},
{
"status": "affected",
"version": "V200R005C01"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-03T14:33:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C50"
},
{
"version_value": "V200R003C01"
},
{
"version_value": "V200R005C20"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V200R005C00"
},
{
"version_value": "V200R005C02"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R006C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "V200R011C00"
},
{
"version_value": "V200R005C01"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5304",
"datePublished": "2020-01-03T14:33:41",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from nvd – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22357 (GCVE-0-2021-22357)
Vulnerability from nvd – Published: 2021-08-23 19:30 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S5700;S6700;S7700 |
Affected:
V200R013C00SPC500,V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R013C00SPC500,V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-23T19:30:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
},
{
"version_value": "V200R013C00SPC500,V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22357",
"datePublished": "2021-08-23T19:30:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22329 (GCVE-0-2021-22329)
Vulnerability from nvd – Published: 2021-06-29 19:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
Severity ?
No CVSS data available.
CWE
- Improper Licenses Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10
Affected: V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Licenses Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:05:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Licenses Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22329",
"datePublished": "2021-06-29T19:05:31",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22377 (GCVE-0-2021-22377)
Vulnerability from nvd – Published: 2021-06-22 18:10 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
Severity ?
No CVSS data available.
CWE
- Command Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S2700;S5700;S6700;S7700 |
Affected:
V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S2700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T18:10:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S2700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22377",
"datePublished": "2021-06-22T18:10:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22359 (GCVE-0-2021-22359)
Vulnerability from nvd – Published: 2021-05-27 12:40 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S5700;S6700 |
Affected:
V200R005C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S5700;S6700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T12:40:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S5700;S6700",
"version": {
"version_data": [
{
"version_value": "V200R005C00SPC500"
},
{
"version_value": "V200R005C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22359",
"datePublished": "2021-05-27T12:40:09",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22321 (GCVE-0-2021-22321)
Vulnerability from nvd – Published: 2021-03-22 19:03 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60
Affected: V500R001C30 Affected: V500R001C60 Affected: V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T19:03:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22321",
"datePublished": "2021-03-22T19:03:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1866 (GCVE-0-2020-1866)
Vulnerability from nvd – Published: 2021-01-13 22:22 – Updated: 2024-08-04 06:53
VLAI?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60SPC500,V500R005C00
Affected: V200R008C00 Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 Affected: V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:22:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1866",
"datePublished": "2021-01-13T22:22:04",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1810 (GCVE-0-2020-1810)
Vulnerability from nvd – Published: 2020-01-09 17:44 – Updated: 2024-08-04 06:46
VLAI?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.
Severity ?
No CVSS data available.
CWE
- Weak Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;S5700;S6700 |
Affected:
V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10
Affected: V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500 Affected: V200R005C00SPC500,V200R005C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;S5700;S6700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10"
},
{
"status": "affected",
"version": "V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500"
},
{
"status": "affected",
"version": "V200R005C00SPC500,V200R005C01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T23:00:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;S5700;S6700",
"version": {
"version_data": [
{
"version_value": "V100R003C00SPC600,V100R003C10SPC100,V100R005C00SPC200,V100R005C00SPC300,V100R005C10HP0001,V100R005C10SPC100,V100R005C10SPC200,V100R006C00,V200R001C00,V200R002C01,V200R002C10,V200R002C20,V200R005C10"
},
{
"version_value": "V200R005C00SPC500,V200R005C03,V200R006C00SPC100,V200R006C00SPC300,V200R006C00SPC500,V200R007C00SPC100,V200R007C00SPC500"
},
{
"version_value": "V200R005C00SPC500,V200R005C01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1810",
"datePublished": "2020-01-09T17:44:54",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5304 (GCVE-0-2019-5304)
Vulnerability from nvd – Published: 2020-01-03 14:33 – Updated: 2024-08-04 19:54
VLAI?
Summary
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
Severity ?
No CVSS data available.
CWE
- Buffer Error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C50 Affected: V200R003C01 Affected: V200R005C20 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R002C00 Affected: V200R005C00 Affected: V200R005C02 Affected: V200R005C03 Affected: V200R006C00 Affected: V200R008C00 Affected: V200R010C00 Affected: V200R011C00 Affected: V200R005C01 Affected: V500R001C60 Affected: V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C50"
},
{
"status": "affected",
"version": "V200R003C01"
},
{
"status": "affected",
"version": "V200R005C20"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V200R005C00"
},
{
"status": "affected",
"version": "V200R005C02"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R006C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R010C00"
},
{
"status": "affected",
"version": "V200R011C00"
},
{
"status": "affected",
"version": "V200R005C01"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-03T14:33:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C50"
},
{
"version_value": "V200R003C01"
},
{
"version_value": "V200R005C20"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V200R005C00"
},
{
"version_value": "V200R005C02"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R006C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "V200R011C00"
},
{
"version_value": "V200R005C01"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5304",
"datePublished": "2020-01-03T14:33:41",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}