#VU50647 Memory leak in Huawei products - CVE-2021-22312
Published: February 11, 2021
Vulnerability identifier: #VU50647
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-22312
CWE-ID: CWE-401
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Huawei IPS Module
Huawei NGFW Module
Huawei Secospace USG6300
Huawei Secospace USG6500
Huawei Secospace USG6600
USG9500
Huawei IPS Module
Huawei NGFW Module
Huawei Secospace USG6300
Huawei Secospace USG6500
Huawei Secospace USG6600
USG9500
Software vendor:
Huawei
Huawei
Description
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak. A remote authenticated attacker can force the application to leak memory and perform denial of service attack.
Remediation
Install updates from vendor's website.