Lucene search
K
HuaweiCloudengine 12800 Firmware

28 matches found

CVE
CVE
added 2020/02/28 6:37 p.m.116 views

CVE-2020-1861

The CVE-2020-1861 entry applies to Huawei CloudEngine 12800 firmware, affecting multiple releases (V200R001C00SPC600 through V200R005C10SPC300). The vulnerability is an information leakage issue caused by improper data handling in the software, which in some cases allows an authenticated attacker...

4.4CVSS4.4AI score0.0022EPSS
CVE
CVE
added 2020/05/29 7:13 p.m.101 views

CVE-2020-1870

CVE-2020-1870 affects Huawei CloudEngine and related NE40E/NE40E-M/NE40E-F switches. Root cause is improper memory management leading to memory leakage, which can be exploited to cause denial of service. Affected versions include CloudEngine 12800 (V200R019C00SPC800), 5800 (V200R019C00SPC800), 68...

7.5CVSS7.4AI score0.00745EPSS
CVE
CVE
added 2019/12/13 2:35 p.m.86 views

CVE-2019-5291

CVE-2019-5291 corresponds to Huawei’s data authenticity verification weakness in some products. An remote, unauthenticated attacker can intercept specific inter-device packets, modify fields with insufficient verification, and inject them to the peer device, potentially causing abnormal behavior....

5.9CVSS5.7AI score0.00358EPSS
CVE
CVE
added 2020/01/09 5:44 p.m.80 views

CVE-2020-1810

CVE-2020-1810 describes a weak RSA algorithm vulnerability in the SSL key exchange used by Huawei products. Affected Huawei devices include CloudEngine 12800, S5700, and S6700 series, with the underlying issue being the use of a weak RSA in the TLS/SSL handshake that can allow information leakage...

5.3CVSS5.2AI score0.00452EPSS
CVE
CVE
added 2021/05/27 12:18 p.m.78 views

CVE-2021-22362

CVE-2021-22362: An out-of-bounds write vulnerability in Huawei CloudEngine products (12800, 5800, 6800, 7800 lines) via crafted packet data due to insufficient message validation, leading to service abnormality. Affected versions include CloudEngine 12800: V200R002C50SPC800, V200R003C00SPC810, V2...

5.3CVSS5.3AI score0.00685EPSS
CVE
CVE
added 2018/02/15 4:0 p.m.75 views

CVE-2017-17301

CVE-2017-17301 relates to a weak cryptography vulnerability in a wide range of Huawei router/CE products (e.g., AR120-S, AR1200, AR200/AR3200, CloudEngine lines, ViewPoint, SMC, SRG, DP300, etc.). The root cause is improper parsing/validation of certificate values, enabling an unauthenticated rem...

9.8CVSS9.4AI score0.00991EPSS
CVE
CVE
added 2020/12/24 3:47 p.m.73 views

CVE-2020-9137

CVE-2020-9137 describes a privilege-escalation vulnerability in Huawei CloudEngine switches (12800, 5800, 6800, 7800) caused by insufficient input validation. A local attacker with high privileges can run specially crafted scripts to achieve escalation. The NVD cites CVSSv3.1: 6.7 (LOCAL, HIGH pr...

6.7CVSS6.5AI score0.00213EPSS
CVE
CVE
added 2021/10/27 12:36 a.m.73 views

CVE-2021-37122

CVE-2021-37122 is a confirmed use-after-free (UAF) vulnerability disclosed in Huawei CloudEngine products. Affected models include CloudEngine 12800 (V200R005C10SPC800, V200R019C00SPC800), 5800 (V200R005C10SPC800, V200R019C00SPC800), 6800 (V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800),...

6.5CVSS6.3AI score0.0026EPSS
CVE
CVE
added 2021/04/28 12:10 p.m.71 views

CVE-2021-22332

CVE-2021-22332 is a pointer double-free vulnerability reported in Huawei CloudEngine switches (5800/6800/7800/12800). The issue arises when a function copies the same memory pointer to two modules, enabling a double free that can crash the affected module and potentially disrupt normal service. P...

7.5CVSS7.4AI score0.00677EPSS
CVE
CVE
added 2021/08/23 7:29 p.m.70 views

CVE-2021-22328

CVE-2021-22328 describes a denial-of-service vulnerability in Huawei CloudEngine switches (12800, 5800, 6800, 7800) running V200R005C00SPC800. The issue arises from improper packet handling in specific scenarios, which can cause some services to behave abnormally. The vulnerability is associated ...

7.5CVSS7.4AI score0.00677EPSS
CVE
CVE
added 2022/01/31 3:57 p.m.70 views

CVE-2021-40042

CVE-2021-40042 is an invalid pointer vulnerability affecting Huawei CloudEngine devices (12800: V200R019C10SPC800/SPC900; 5800: V200R019C10SPC800, V200R020C00SPC600; 6800: V200R019C10SPC800/900, V200R020C00SPC600, V300R020C00SPC200; 7800: V200R019C10SPC800). Root cause: invalid pointer dereferenc...

6.5CVSS6.4AI score0.00562EPSS
CVE
CVE
added 2022/01/31 3:57 p.m.68 views

CVE-2021-40033

CVE-2021-40033 describes an information exposure vulnerability affecting Huawei CloudEngine switches: 12800, 5800, 6800, and 7800 series across multiple firmware versions (e.g., 12800 V200R005C10SPC800; 5800 V200R005C10SPC800, V200R019C00SPC800; 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019...

5.5CVSS5.1AI score0.00169EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.67 views

CVE-2016-8790

CVE-2016-8790 affects Huawei CloudEngine switches (5800/6800/7800/8800/12800) with software before V200R001C00SPC700. The issue is a buffer overflow in the Connectivity Fault Management (CFM) feature when MEP is configured; an adjacent attacker sending crafted packets can cause the main control b...

5.7CVSS5.7AI score0.00482EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.67 views

CVE-2017-8147

CVE-2017-8147 corresponds to a MaxAge LSA vulnerability in OSPF on Huawei products (e.g., AC6005/AC6605/CloudEngine series, S-series, USG/SECOSPACE lines, etc.). The issue arises from improper OSPF handling, where receiving specific LSA packets causes the Link State Age to be set to MaxAge (3600 ...

7.5CVSS7.4AI score0.00965EPSS
CVE
CVE
added 2020/07/17 10:59 p.m.66 views

CVE-2020-9102

CVE-2020-9102 is an information-disclosure vulnerability in Huawei CloudEngine products caused by improper management of usernames. Affected are CloudEngine 12800 (V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800), CloudEngine 5800 (V200R002C50SPC800, ...

3.3CVSS3.8AI score0.00199EPSS
CVE
CVE
added 2019/12/13 2:43 p.m.61 views

CVE-2019-5248

The CVE-2019-5248 issue affects Huawei CloudEngine 12800 devices. Affected component is the device’s handling of certain packets from neighboring devices, triggering a memory leak that can lead to a Denial of Service. The core root cause and exact vulnerable code path are described in Huawei’s ad...

7.4CVSS7.2AI score0.00306EPSS
CVE
CVE
added 2020/12/29 5:57 p.m.61 views

CVE-2020-9207

CVE-2020-9207 describes an improper authentication vulnerability in Huawei CloudEngine products. A module fails to verify input files, allowing attackers to craft malicious files to bypass verification and potentially disrupt normal service. Connected sources confirm the issue affects Huawei Clou...

7.8CVSS7.7AI score0.00559EPSS
CVE
CVE
added 2021/01/13 10:20 p.m.58 views

CVE-2020-1865

CVE-2020-1865 : Huawei CloudEngine products have an out-of-bounds read when parsing certain PIM messages. An adjacent attacker could send crafted PIM messages to trigger data reads past the buffer, potentially causing impact as described in the sources. The vulnerability is documented with CVSS m...

6.5CVSS6.4AI score0.00332EPSS
CVE
CVE
added 2021/04/28 11:36 a.m.58 views

CVE-2021-22393

CVE-2021-22393 affects Huawei CloudEngine switches (5800/6800/7800/12800). A module-design weakness causes the device to mishandle certain messages, enabling attackers to trigger a denial of service by sending a large number of specific messages, impacting normal service. Public references in Hua...

7.5CVSS7.3AI score0.00677EPSS
CVE
CVE
added 2018/03/09 9:0 p.m.53 views

CVE-2016-8782

Huawei CloudEngine 12800 firmware versions V100R003C00, V100R003C10, V100R005C00, V100R005C10, and V100R006C00 are affected by a memory-leak vulnerability in the LDP processing path caused by improper validation of certain fields in LDP packets. An unauthenticated attacker can repeatedly send cra...

5.3CVSS5.3AI score0.01188EPSS
CVE
CVE
added 2020/12/29 5:17 p.m.53 views

CVE-2020-9124

This entry concerns CVE-2020-9124, a memory-leak vulnerability in Huawei CloudEngine. Affected software is Huawei CloudEngine products; root cause is improper memory release leading to a memory leak when a specific message is processed by an unauthenticated, remote attacker. Impact is partial ava...

7.5CVSS7.5AI score0.00916EPSS
CVE
CVE
added 2018/02/15 4:0 p.m.50 views

CVE-2017-15349

CVE-2017-15349 affects Huawei CloudEngine switches (12800, 5800, 6800, 7800 series across multiple V100R0xxC0x releases). The issue is a memory leak caused by failure to release memory when handling RSVP packets, exploitable by unauthenticated remote senders over the network, leading to DoS via r...

7.5CVSS7.5AI score0.00967EPSS
CVE
CVE
added 2020/12/29 5:28 p.m.50 views

CVE-2020-9094

CVE-2020-9094 describes an out-of-bounds read vulnerability affecting Huawei CloudEngine products. The issue arises when a module fails to properly handle a specific message, allowing an attacker to cause a denial of service by sending a crafted packet. The CVE entry aligns with Huawei’s advisory...

7.5CVSS7.3AI score0.00736EPSS
CVE
CVE
added 2021/12/13 3:48 p.m.50 views

CVE-2021-40008

Huawei CloudEngine switches (12800/5800/6800/7800, firmware version V200R019C00SPC800) suffer a memory-leak vulnerability: the parser fails to properly track and release memory when handling crafted binary messages, potentially leading to memory exhaustion. The issue is network-exploitable (low a...

7.5CVSS7.4AI score0.00655EPSS
CVE
CVE
added 2016/08/02 4:0 p.m.49 views

CVE-2016-6178

Summary: CVE-2016-6178 affects Huawei devices across several product lines (NE40E/CX600, PTN 6900-2-M8, NE5000E, CloudEngine 12800) with specific software levels prior to SP versions V800R007SPH017/019, V800R006SPH018, V100R003SPH010, and V100R005SPH006. A remote attacker with control plane acces...

9.8CVSS9.6AI score0.02989EPSS
CVE
CVE
added 2018/03/09 9:0 p.m.48 views

CVE-2016-8784

Huawei CloudEngine 12800 devices running firmware V100R003C00, V100R003C10, V100R005C00, V100R005C10, or V100R006C00 are affected by a memory-leak vulnerability in the LDP processing module. An unauthenticated attacker can send crafted LDP packets; when certain parameters are abnormal, the device...

4.3CVSS4.5AI score0.00446EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.47 views

CVE-2016-8795

CVE-2016-8795 describes an integer overflow in IPFPM handling on several Huawei devices. Affected products include Huawei CloudEngine 12800, 5800, 6800, 7800, 8800 and Secospace USG6600, across multiple OS versions listed in the Huawei advisory. Remote, unauthenticated attackers can craft specifi...

7.1CVSS5.9AI score0.01185EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.43 views

CVE-2016-8780

CVE-2016-8780 affects Huawei CloudEngine devices: 6800 (V100R006C00), 7800 (V100R006C00), 8800 (V100R006C00), and 12800 (V100R006C00). The issue allows remote attackers with specific permissions to store massive files, exhausting shared storage and causing a DoS. Root cause is improper management...

6.8CVSS6.4AI score0.01334EPSS