#VU50910 Use-after-free in Huawei products - CVE-2021-22321
Published: February 24, 2021
Vulnerability identifier: #VU50910
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-22321
CWE-ID: CWE-416
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Huawei NIP6300
Huawei NIP6600
Huawei NIP6800
Huawei S12700
Huawei S5700
Huawei S1700
Huawei S2700
Huawei S6700
Huawei S7700
Huawei S9700
USG9500
Huawei Secospace USG6300
Huawei Secospace USG6500
Huawei Secospace USG6600
Huawei NIP6300
Huawei NIP6600
Huawei NIP6800
Huawei S12700
Huawei S5700
Huawei S1700
Huawei S2700
Huawei S6700
Huawei S7700
Huawei S9700
USG9500
Huawei Secospace USG6300
Huawei Secospace USG6500
Huawei Secospace USG6600
Software vendor:
Huawei
Huawei
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error. A remote attacker can cause a denial of service condition on the target system.
Remediation
Install updates from vendor's website.