6.5

CVE-2021-22312

EPSS 0.19%
Veröffentlicht 08.04.2021 19:15:12
Zuletzt bearbeitet 21.11.2024 05:49:53
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Ips Module Firmware Versionv500r005c00spc100

Huawei ≫ Ips Module Version-

Huawei ≫ Ips Module Firmware Versionv500r005c00spc200

Huawei ≫ Ips Module Version-

Huawei ≫ Ngfw Module Firmware Versionv500r005c00spc100

Huawei ≫ Ngfw Module Version-

Huawei ≫ Ngfw Module Firmware Versionv500r005c00spc200

Huawei ≫ Ngfw Module Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6300 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6300 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc200

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc600

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c60spc500

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r005c00spc100

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Secospace Usg6600 Firmware Versionv500r005c00spc200

Huawei ≫ Secospace Usg6600 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc200

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc600

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c60spc500

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc100

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc200

Huawei ≫ Usg9500 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6300 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6300 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c30spc200

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c30spc600

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r001c60spc500

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r005c00spc100

Huawei ≫ Nip6800 Version-

Huawei ≫ Nip6800 Firmware Versionv500r005c00spc200

Huawei ≫ Nip6800 Version-

Huawei ≫ Usg6000e Firmware Versionv600r006c00

Huawei ≫ Usg6000e Version-

Huawei ≫ Nip6000e Firmware Versionv600r006c00

Huawei ≫ Nip6000e Version-

Huawei ≫ Ips6000e Firmware Versionv600r006c00

Huawei ≫ Ips6000e Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.373

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22312

EUVD