CVE-2021-22341

Published Jun 29, 2021

Last updated 3 years ago

CVSS medium 4.9

Overview

Description: There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.9
Impact score: 3.6
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-401

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D4E285D-09FB-4123-B46A-E27818ADFFDD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5A659FF-6019-48F8-BF60-D9FC79682435"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "848014B8-8D79-48C3-8ED2-EA98378428F6"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8448325-FBF2-4C00-8574-677956A6DE97"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC26B79E-CBCD-4D93-A552-1A20B155F0FE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46A3FD77-200C-40D7-A31E-6D964F9A375E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51E30304-8638-46A6-B467-19A7B1B4D362"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References