Information Leak in Huawei Network Security Products
CVE-2021-22342

4.9MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
22 June 2021

Summary

An information leak vulnerability exists in several Huawei network security products, where specific inputs are not adequately handled. This flaw allows attackers with high privileges to exploit the vulnerability through various operations, potentially leading to sensitive information exposure. The issue impacts various versions of the IPS Module, NGFW Module, SeMG9811, and USG9500 series.

Affected Version(s)

IPS Module;NGFW Module;SeMG9811;USG9500 V500R005C00,V500R005C10,V500R005C20

IPS Module;NGFW Module;SeMG9811;USG9500 V500R005C00

IPS Module;NGFW Module;SeMG9811;USG9500 V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10,V500R005C20

References

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.