CVE-2018-7994

2018-07-3114:00:00

huawei

www.cve.org

0.002 Low

EPSS

Percentile

59.2%

JSON

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

CNA Affected

[
  {
    "product": "NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "IPS Module V500R001C50"
      },
      {
        "status": "affected",
        "version": "NGFW Module V500R001C50"
      },
      {
        "status": "affected",
        "version": "V500R002C10"
      },
      {
        "status": "affected",
        "version": "NIP6300 V500R001C50"
      },
      {
        "status": "affected",
        "version": "NIP6600 V500R001C50"
      },
      {
        "status": "affected",
        "version": "NIP6800 V500R001C50"
      },
      {
        "status": "affected",
        "version": "Secospace USG6600 V500R001C50"
      },
      {
        "status": "affected",
        "version": "USG9500 V500R001C50"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-en

0.002 Low

EPSS

Percentile

59.2%

JSON

Related for CVELIST:CVE-2018-7994