Memory corruption

2018-07-3114:29:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

59.2%

JSON

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

CPENameOperatorVersion
ips_moduleeq500r1c50-v
ngfw_moduleeq500r1c50-v
ngfw_moduleeq500r2c10-v
nip6300eq500r1c50-v
nip6600eq500r1c50-v
nip6800eq500r1c50-v
secospace_usg6600eq500r1c50-v
usg9500eq500r1c50-v

Name	Operator	Version
ips_module	eq	500r1c50-v
ngfw_module	eq	500r1c50-v
ngfw_module	eq	500r2c10-v
nip6300	eq	500r1c50-v
nip6600	eq	500r1c50-v
nip6800	eq	500r1c50-v
secospace_usg6600	eq	500r1c50-v
usg9500	eq	500r1c50-v

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-en

0.002 Low

EPSS

Percentile

59.2%

JSON

Related for PRION:CVE-2018-7994