Design/Logic Flaw

2021-10-2701:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

20.2%

JSON

There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.

CPENameOperatorVersion
cloudengine_12800_firmwareeq200r5c10spc800-v
cloudengine_12800_firmwareeq200r19c0spc800-v
cloudengine_5800_firmwareeq200r5c10spc800-v
cloudengine_5800_firmwareeq200r19c0spc800-v
cloudengine_6800_firmwareeq200r5c10spc800-v
cloudengine_6800_firmwareeq200r5c20spc800-v
cloudengine_6800_firmwareeq200r19c0spc800-v
cloudengine_7800_firmwareeq200r5c10spc800-v
cloudengine_7800_firmwareeq200r19c0spc800-v

Name	Operator	Version
cloudengine_12800_firmware	eq	200r5c10spc800-v
cloudengine_12800_firmware	eq	200r19c0spc800-v
cloudengine_5800_firmware	eq	200r5c10spc800-v
cloudengine_5800_firmware	eq	200r19c0spc800-v
cloudengine_6800_firmware	eq	200r5c10spc800-v
cloudengine_6800_firmware	eq	200r5c20spc800-v
cloudengine_6800_firmware	eq	200r19c0spc800-v
cloudengine_7800_firmware	eq	200r5c10spc800-v
cloudengine_7800_firmware	eq	200r19c0spc800-v

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-cloudengine-en

0.001 Low

EPSS

Percentile

20.2%

JSON

Related for PRION:CVE-2021-37122