Pointer Double Free Vulnerability in Huawei CloudEngine Series
CVE-2021-22332
7.5HIGH
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 28 April 2021
Summary
A pointer double free vulnerability has been identified in specific versions of Huawei's CloudEngine series, including the 5800, 6800, 7800, and 12800 models. This issue arises when a function unintentionally duplicates a memory pointer across two functional modules, allowing attackers to exploit the vulnerability through malicious operations. If successfully executed, this exploit could lead to a crash of the affected module, disrupting normal service and affecting network reliability.
Affected Version(s)
CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved