Huawei : Huawei Data Communication: Use After Free Vulnerability in Huawei Product (huawei-sa-20210210-01-uaf)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.145668

Kategorie: Huawei

Titel: Huawei Data Communication: Use After Free Vulnerability in Huawei Product (huawei-sa-20210210-01-uaf)

Zusammenfassung: There is a use-after-free vulnerability in Huawei products.

Beschreibung: Summary:
There is a use-after-free vulnerability in Huawei products.

Vulnerability Insight:
A module cannot deal with specific operations in special scenarios.
Attackers can exploit this vulnerability by performing malicious operations. This can cause memory
use-after-free, compromising normal service.

Vulnerability Impact:
Attackers can exploit this vulnerability by performing malicious operations.
This can cause memory use-after-free, compromising normal service.

Affected Software/OS:
NIP6300 versions V500R001C30 V500R001C60

NIP6600 versions V500R001C30

NIP6800 versions V500R001C60

S12700 versions V200R007C01 V200R007C01B102 V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10

S1700 versions V200R009C00SPC200 V200R009C00SPC500 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10

S2700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10

S5700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 V200R011C10SPC100

S6700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 V200R011C10SPC100

S7700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10

S9700 versions V200R007C01 V200R007C01B102 V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10

Secospace USG6300 versions V500R001C30 V500R001C60

Secospace USG6500 versions V500R001C30 V500R001C60

Secospace USG6600 versions V500R001C30 V500R001C60

USG9500 versions V500R001C30 V500R001C60

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2021-22321
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.145668
Kategorie:	Huawei
Titel:	Huawei Data Communication: Use After Free Vulnerability in Huawei Product (huawei-sa-20210210-01-uaf)
Zusammenfassung:	There is a use-after-free vulnerability in Huawei products.
Beschreibung:	Summary: There is a use-after-free vulnerability in Huawei products. Vulnerability Insight: A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Vulnerability Impact: Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected Software/OS: NIP6300 versions V500R001C30 V500R001C60 NIP6600 versions V500R001C30 NIP6800 versions V500R001C60 S12700 versions V200R007C01 V200R007C01B102 V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 S1700 versions V200R009C00SPC200 V200R009C00SPC500 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 S2700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 S5700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 V200R011C10SPC100 S6700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 V200R011C10SPC100 S7700 versions V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 S9700 versions V200R007C01 V200R007C01B102 V200R008C00 V200R010C00 V200R010C00SPC300 V200R011C00 V200R011C00SPC100 V200R011C10 Secospace USG6300 versions V500R001C30 V500R001C60 Secospace USG6500 versions V500R001C30 V500R001C60 Secospace USG6600 versions V500R001C30 V500R001C60 USG9500 versions V500R001C30 V500R001C60 Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-22321 https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en
Copyright	Copyright (C) 2021 Greenbone Networks GmbH