Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.

Published

2021-05-27T13:15:07.977

Last Modified

2024-11-21T05:49:58.697

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	cloudengine_12800_firmware	v200r002c50spc800	Yes
Operating System	huawei	cloudengine_12800_firmware	v200r003c00spc810	Yes
Operating System	huawei	cloudengine_12800_firmware	v200r005c00spc800	Yes
Operating System	huawei	cloudengine_12800_firmware	v200r005c10spc800	Yes
Operating System	huawei	cloudengine_12800_firmware	v200r019c00spc800	Yes
Operating System	huawei	cloudengine_12800_firmware	v200r019c10spc800	Yes
Hardware	huawei	cloudengine_12800	-	No
Operating System	huawei	cloudengine_5800_firmware	v200r002c50spc800	Yes
Operating System	huawei	cloudengine_5800_firmware	v200r003c00spc810	Yes
Operating System	huawei	cloudengine_5800_firmware	v200r005c00spc800	Yes
Operating System	huawei	cloudengine_5800_firmware	v200r005c10spc800	Yes
Operating System	huawei	cloudengine_5800_firmware	v200r019c00spc800	Yes
Operating System	huawei	cloudengine_5800_firmware	v200r019c10spc800	Yes
Hardware	huawei	cloudengine_5800	-	No
Operating System	huawei	cloudengine_6800_firmware	v200r002c50spc800	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r003c00spc810	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r005c00spc800	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r005c10spc800	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r005c20spc800	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r019c00spc800	Yes
Operating System	huawei	cloudengine_6800_firmware	v200r019c10spc800	Yes
Hardware	huawei	cloudengine_6800	-	No
Operating System	huawei	cloudengine_7800_firmware	v200r002c50spc800	Yes
Operating System	huawei	cloudengine_7800_firmware	v200r003c00spc810	Yes
Operating System	huawei	cloudengine_7800_firmware	v200r005c00spc800	Yes
Operating System	huawei	cloudengine_7800_firmware	v200r005c10spc800	Yes
Operating System	huawei	cloudengine_7800_firmware	v200r019c00spc800	Yes
Operating System	huawei	cloudengine_7800_firmware	v200r019c10spc800	Yes
Hardware	huawei	cloudengine_7800	-	No

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en Vendor Advisory ([email protected])
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)