← Voltar para CVEs
CVE-2021-22321
MEDIUM5.3
Descricao
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Detalhes CVE
Pontuacao CVSS v3.15.3
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/22/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
huawei:nip6300huawei:nip6300_firmwarehuawei:nip6600huawei:nip6600_firmwarehuawei:nip6800huawei:nip6800_firmwarehuawei:s12700huawei:s12700_firmwarehuawei:s1700huawei:s1700_firmwarehuawei:s2700huawei:s2700_firmwarehuawei:s5700huawei:s5700_firmwarehuawei:s6700huawei:s6700_firmwarehuawei:s7700huawei:s7700_firmwarehuawei:s9700huawei:s9700_firmwarehuawei:secospace_usg6300huawei:secospace_usg6300_firmwarehuawei:secospace_usg6500huawei:secospace_usg6500_firmwarehuawei:secospace_usg6600huawei:secospace_usg6600_firmwarehuawei:usg9500huawei:usg9500_firmware
Fraquezas (CWE)
CWE-416
Referencias
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.