Memory Leak Vulnerability in Huawei CloudEngine Products
CVE-2020-9124
7.5HIGH
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 29 December 2020
Summary
A memory leak vulnerability exists in certain versions of Huawei CloudEngine products, potentially allowing an unauthenticated, remote attacker to exploit the flaw. By sending specially crafted messages to the affected devices, the attacker may trigger a failure to release allocated memory properly, resulting in a memory leak that could impact system performance.
Affected Version(s)
CloudEngine 12800 V200R002C50SPC800
CloudEngine 12800 V200R003C00SPC810
CloudEngine 12800 V200R005C00SPC800
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved