Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Filtered by product Cloudengine 12800 Firmware
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40042 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800.
CVE-2021-37122 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 3.3 LOW 6.5 MEDIUM
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.
CVE-2021-40033 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 2.1 LOW 5.5 MEDIUM
There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800.
CVE-2021-40008 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust.
CVE-2021-22328 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.
CVE-2021-22393 1 Huawei 7 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 4 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service.
CVE-2021-22362 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.
CVE-2021-22332 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.
CVE-2020-9207 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 6.8 MEDIUM 7.8 HIGH
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
CVE-2020-9137 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
CVE-2020-1865 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 3.3 LOW 6.5 MEDIUM
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.
CVE-2020-9124 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
CVE-2020-9094 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service.
CVE-2020-9102 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-02-28 2.1 LOW 3.3 LOW
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800
CVE-2020-1870 1 Huawei 4 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 6800 and 1 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.
CVE-2019-5248 1 Huawei 2 Cloudengine 12800, Cloudengine 12800 Firmware 2024-02-28 6.1 MEDIUM 7.4 HIGH
CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device.
CVE-2019-5291 1 Huawei 36 Ar120-s, Ar120-s Firmware, Ar1200 and 33 more 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.
CVE-2020-1810 1 Huawei 6 Cloudengine 12800, Cloudengine 12800 Firmware, S5700 and 3 more 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.
CVE-2020-1861 1 Huawei 2 Cloudengine 12800, Cloudengine 12800 Firmware 2024-02-28 2.1 LOW 4.4 MEDIUM
CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage.
CVE-2016-8782 1 Huawei 2 Cloudengine 12800, Cloudengine 12800 Firmware 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak.