First published: Tue Jul 31 2018(Updated: )
Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei IPS Module | =v500r001c50 | |
Huawei IPS Module | ||
Huawei NGFW Module | =v500r001c50 | |
Huawei NGFW Module | =v500r002c10 | |
Huawei NGFW Module | ||
Huawei NIP6300 | =v500r001c50 | |
Huawei NIP6300 | ||
Huawei Nip6600 | =v500r001c50 | |
Huawei Nip6600 | ||
Huawei NIP6800 | =v500r001c50 | |
Huawei NIP6800 | ||
Huawei Secospace USG6600 | =v500r001c50 | |
Huawei Secospace USG6600 | ||
Huawei USG9500 | =v500r001c50 | |
Huawei USG9500 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-7994 is a vulnerability found in some Huawei products, including IPS Module V500R001C50, NGFW Module V500R001C50, V500R002C10, NIP6300 V500R001C50, NIP6600 V500R001C50, NIP6800 V500R001C50, Secospace USG6600 V500R001C50, and USG9500 V500R001C50.
CVE-2018-7994 has a severity rating of 7.5, indicating a high severity.
CVE-2018-7994 can cause a memory leak in affected Huawei products, leading to potential stability issues and performance degradation.
CVE-2018-7994 occurs when the software fails to release allocated memory properly while processing certain requests, resulting in a memory leak.
To fix CVE-2018-7994, it is recommended to update the affected Huawei products to the latest available software version provided by Huawei.