Memory Leak Vulnerability in Huawei Network Security Products
CVE-2021-22312

6.5MEDIUM

Key Information:

Summary

A memory leak vulnerability exists in multiple Huawei network products. An authenticated remote attacker can exploit this flaw by sending specially crafted messages, which prevents proper memory deallocation. This exploitation can lead to abnormal service behavior, adversely affecting the performance and reliability of impacted devices like the IPS Module and several Secospace USG models.

Affected Version(s)

IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 V500R005C00SPC100,V500R005C00SPC200

IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.