First published: Tue Jun 29 2021(Updated: )
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Ips Module Firmware | =v500r005c00spc100 | |
Huawei Ips Module Firmware | =v500r005c00spc200 | |
Huawei IPS Module | ||
Huawei Ngfw Module Firmware | =v500r005c00spc100 | |
Huawei Ngfw Module Firmware | =v500r005c00spc200 | |
Huawei NGFW Module | ||
Huawei Nip6300 Firmware | =v500r005c00spc100 | |
Huawei Nip6300 Firmware | =v500r005c10spc200 | |
Huawei NIP6300 | ||
Huawei Nip6600 Firmware | =v500r005c00spc100 | |
Huawei Nip6600 Firmware | =v500r005c00spc200 | |
Huawei Nip6600 | ||
Huawei Secospace Usg6300 Firmware | =v500r005c00spc100 | |
Huawei Secospace Usg6300 Firmware | =v500r005c00spc200 | |
Huawei Secospace USG6300 | ||
Huawei Secospace Usg6500 Firmware | =v500r005c00spc100 | |
Huawei Secospace Usg6500 Firmware | =v500r005c10spc200 | |
Huawei Secospace Usg6500 | ||
Huawei Secospace Usg6600 Firmware | =v500r005c00spc100 | |
Huawei Secospace Usg6600 Firmware | =v500r005c00spc200 | |
Huawei Secospace USG6600 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-22341.
The severity rating of CVE-2021-22341 is 4.9 (medium).
Attackers with high privilege can exploit CVE-2021-22341 by performing certain operations that lead to memory leak.
Affected product versions include Huawei IPS Module V500R005C00SPC100, Huawei IPS Module V500R005C00SPC200, Huawei Ngfw Module V500R005C00SPC100, Huawei Ngfw Module V500R005C00SPC200, Huawei Nip6300 Firmware V500R005C00SPC100, Huawei Nip6300 Firmware V500R005C10SPC200, Huawei Nip6600 Firmware V500R005C00SPC100, Huawei Nip6600 Firmware V500R005C00SPC200, Huawei Secospace Usg6300 Firmware V500R005C00SPC100, Huawei Secospace Usg6300 Firmware V500R005C00SPC200, Huawei Secospace Usg6500 Firmware V500R005C00SPC100, Huawei Secospace Usg6500 Firmware V500R005C10SPC200, Huawei Secospace Usg6600 Firmware V500R005C00SPC100, and Huawei Secospace Usg6600 Firmware V500R005C00SPC200.
You can find more information about CVE-2021-22341 at the following reference: [Huawei Security Advisory SA-20210506-01](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en).