First published: Thu May 27 2021(Updated: )
There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Cloudengine 12800 Firmware | =v200r002c50spc800 | |
Huawei Cloudengine 12800 Firmware | =v200r003c00spc810 | |
Huawei Cloudengine 12800 Firmware | =v200r005c00spc800 | |
Huawei Cloudengine 12800 Firmware | =v200r005c10spc800 | |
Huawei Cloudengine 12800 Firmware | =v200r019c00spc800 | |
Huawei Cloudengine 12800 Firmware | =v200r019c10spc800 | |
Huawei CloudEngine 12800 | ||
Huawei Cloudengine 5800 Firmware | =v200r002c50spc800 | |
Huawei Cloudengine 5800 Firmware | =v200r003c00spc810 | |
Huawei Cloudengine 5800 Firmware | =v200r005c00spc800 | |
Huawei Cloudengine 5800 Firmware | =v200r005c10spc800 | |
Huawei Cloudengine 5800 Firmware | =v200r019c00spc800 | |
Huawei Cloudengine 5800 Firmware | =v200r019c10spc800 | |
Huawei CloudEngine 5800 | ||
Huawei Cloudengine 6800 Firmware | =v200r002c50spc800 | |
Huawei Cloudengine 6800 Firmware | =v200r003c00spc810 | |
Huawei Cloudengine 6800 Firmware | =v200r005c00spc800 | |
Huawei Cloudengine 6800 Firmware | =v200r005c10spc800 | |
Huawei Cloudengine 6800 Firmware | =v200r005c20spc800 | |
Huawei Cloudengine 6800 Firmware | =v200r019c00spc800 | |
Huawei Cloudengine 6800 Firmware | =v200r019c10spc800 | |
Huawei CloudEngine 6800 | ||
Huawei Cloudengine 7800 Firmware | =v200r002c50spc800 | |
Huawei Cloudengine 7800 Firmware | =v200r003c00spc810 | |
Huawei Cloudengine 7800 Firmware | =v200r005c00spc800 | |
Huawei Cloudengine 7800 Firmware | =v200r005c10spc800 | |
Huawei Cloudengine 7800 Firmware | =v200r019c00spc800 | |
Huawei Cloudengine 7800 Firmware | =v200r019c10spc800 | |
Huawei Cloudengine 7800 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-22362 is an out of bounds write vulnerability in some Huawei products.
An attacker can exploit CVE-2021-22362 by sending crafted data in the packet to the target device.
The severity of CVE-2021-22362 is medium with a CVSS score of 5.3.
Some affected Huawei products include Huawei CloudEngine 12800, Huawei CloudEngine 5800, Huawei CloudEngine 6800, and Huawei CloudEngine 7800.
To fix CVE-2021-22362, it is recommended to apply the patches provided by Huawei.