CVE-2021-22321
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD
Description
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Affected (61)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6300 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6600 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c60 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6800 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r007c01 |
| Running on/with | Platform Versions |
|---|---|
Huawei S12700 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r009c00spc200 |
| Running on/with | Platform Versions |
|---|---|
Huawei S1700 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r008c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S2700 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r008c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5700 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r008c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S6700 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r008c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S7700 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r007c01 |
| Running on/with | Platform Versions |
|---|---|
Huawei S9700 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6300 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6500 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6600 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Usg9500 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.