6.5

CVE-2021-22312

EPSS 0.19%
Published 08.04.2021 19:15:12
Last modified 21.11.2024 05:49:53
Source psirt@huawei.com
Teams watchlist Login
Open Login

There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Ips Module Firmware Versionv500r005c00spc100

Huawei ≫ Ips Module Version-

Huawei ≫ Ips Module Firmware Versionv500r005c00spc200

Huawei ≫ Ips Module Version-

Huawei ≫ Ngfw Module Firmware Versionv500r005c00spc100

Huawei ≫ Ngfw Module Version-

Huawei ≫ Ngfw Module Firmware Versionv500r005c00spc200

Huawei ≫ Ngfw Module Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc200

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc600

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c60spc500

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc100

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc200

Huawei ≫ Usg9500 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6800 Version-

Huawei ≫ Usg6000e Firmware Versionv600r006c00

Huawei ≫ Usg6000e Version-

Huawei ≫ Nip6000e Firmware Versionv600r006c00

Huawei ≫ Nip6000e Version-

Huawei ≫ Ips6000e Firmware Versionv600r006c00

Huawei ≫ Ips6000e Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.373

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22312

EUVD