Memory Leak Vulnerability in Huawei Security Products
CVE-2021-22341

4.9MEDIUM

Key Information:

Vendor
Huawei
Status
Ips Module;ngfw Module;nip6300;nip6600;secospace Usg6300;secospace Usg6500;secospace Usg6600
Vendor
CVE Published:
29 June 2021

Summary

A memory leak vulnerability exists in Huawei's security products due to a resource management weakness within specific modules. This issue allows attackers with high privileges to exploit the vulnerability through certain operations, potentially leading to significant memory leaks. The affected products encompass a range of security modules and appliances, highlighting the importance of timely patching to secure network environments.

Affected Version(s)

IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200

IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 V500R005C00SPC100,V500R005C10SPC200

References

https://www.huawei.com/en/psirt/security-advisories/huawe...
x_refsource_MISC

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.