Information Leak in Huawei Network Security Products
CVE-2021-22342
4.9MEDIUM
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 22 June 2021
Summary
An information leak vulnerability exists in several Huawei network security products, where specific inputs are not adequately handled. This flaw allows attackers with high privileges to exploit the vulnerability through various operations, potentially leading to sensitive information exposure. The issue impacts various versions of the IPS Module, NGFW Module, SeMG9811, and USG9500 series.
Affected Version(s)
IPS Module;NGFW Module;SeMG9811;USG9500 V500R005C00,V500R005C10,V500R005C20
IPS Module;NGFW Module;SeMG9811;USG9500 V500R005C00
IPS Module;NGFW Module;SeMG9811;USG9500 V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10,V500R005C20
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved