CVE-2021-37129

Published Oct 27, 2021

Last updated 3 years ago

CVSS high 7.5

Overview

Description: There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A91B37BC-F4FD-499A-918E-6396251A0F5F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FEB99CA-7B73-4633-9F9C-9AF54B0A43FA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "975CEC1E-D82C-45AD-B920-80961221C0BA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9824CC2-7B77-4FD7-9509-49FA0D94AF4A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0442199D-AF21-44E8-B604-7D64129FD25D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2ED767D-2826-4ECD-8C59-B688AC54B0CD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A630BDAD-C254-4107-9593-1E9FB415C138"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B11D63D0-072D-4E44-B254-491974603C7E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "913DDCCC-0A91-458D-8A74-E4B9E9A71EC7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FCC64B5-1BB4-4A4B-983F-D1D986CA506E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32CA1299-EA8A-4A24-96AA-DC3C5C3B9701"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20386C76-4480-47ED-99AD-7ADBE41C3364"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4676DA03-36A6-40B1-BA74-75260083D10A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9C4217C-0FBB-46BC-B108-F53A2AF259E7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "744381A0-4E85-4F0C-881B-DF2F7E1DB186"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D60424B-15CE-415E-8E6C-34E5DC52E6C4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46FDAD12-710C-4FE1-950F-B57810649C16"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F402F7DA-6BDF-4C53-B33B-3D8FE1B14506"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "238025D5-0E08-4708-BA6D-6E6560814525"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83AE1FCE-5E38-4436-96B9-57DE026BDE7A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F2F0768-EE4C-408B-8FDD-87CBC4970688"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8030D59B-D7AC-4155-B23C-0E77603F9DEB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC7D191A-1496-4A38-BD9B-4222A9CA31BE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4342AD2-7764-4447-9341-78DF30E20416"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37C57D09-618F-44B0-86A8-5BAC25CA486F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD82D614-9515-4A9C-B96A-2614DDADEB7A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45A35D3-D5CE-40F1-ABC2-9A9E6FA8FE46"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "234ED4C3-67B4-4B0E-8EA1-9A70CAAD2BCF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31F8A14F-8956-493C-8062-EAB872AD0420"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References