Pointer Double Free Vulnerability in Huawei CloudEngine Series
CVE-2021-22332

7.5HIGH

Key Information:

Summary

A pointer double free vulnerability has been identified in specific versions of Huawei's CloudEngine series, including the 5800, 6800, 7800, and 12800 models. This issue arises when a function unintentionally duplicates a memory pointer across two functional modules, allowing attackers to exploit the vulnerability through malicious operations. If successfully executed, this exploit could lead to a crash of the affected module, disrupting normal service and affecting network reliability.

Affected Version(s)

CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.