Memory Leak Vulnerability in Huawei CloudEngine Products
CVE-2020-9124

7.5HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
29 December 2020

Summary

A memory leak vulnerability exists in certain versions of Huawei CloudEngine products, potentially allowing an unauthenticated, remote attacker to exploit the flaw. By sending specially crafted messages to the affected devices, the attacker may trigger a failure to release allocated memory properly, resulting in a memory leak that could impact system performance.

Affected Version(s)

CloudEngine 12800 V200R002C50SPC800

CloudEngine 12800 V200R003C00SPC810

CloudEngine 12800 V200R005C00SPC800

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.