CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c10spc800:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c10spc800:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c10spc800:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c10spc800:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:49

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-cloudengine-en - Vendor Advisory

Information

Published : 2021-05-27 13:15

Updated : 2024-11-21 05:49


NVD link : CVE-2021-22362

Mitre link : CVE-2021-22362

CVE.ORG link : CVE-2021-22362


JSON object : View

Products Affected

huawei

  • cloudengine_7800
  • cloudengine_6800_firmware
  • cloudengine_7800_firmware
  • cloudengine_6800
  • cloudengine_12800
  • cloudengine_5800_firmware
  • cloudengine_5800
  • cloudengine_12800_firmware
CWE
CWE-787

Out-of-bounds Write