Lucene search
K
HuaweiCloudengine 6800 Firmware

21 matches found

CVE
CVE
added 2020/05/29 7:13 p.m.101 views

CVE-2020-1870

CVE-2020-1870 affects Huawei CloudEngine and related NE40E/NE40E-M/NE40E-F switches. Root cause is improper memory management leading to memory leakage, which can be exploited to cause denial of service. Affected versions include CloudEngine 12800 (V200R019C00SPC800), 5800 (V200R019C00SPC800), 68...

7.5CVSS7.4AI score0.00745EPSS
CVE
CVE
added 2021/05/27 12:18 p.m.78 views

CVE-2021-22362

CVE-2021-22362: An out-of-bounds write vulnerability in Huawei CloudEngine products (12800, 5800, 6800, 7800 lines) via crafted packet data due to insufficient message validation, leading to service abnormality. Affected versions include CloudEngine 12800: V200R002C50SPC800, V200R003C00SPC810, V2...

5.3CVSS5.3AI score0.00685EPSS
CVE
CVE
added 2018/02/15 4:0 p.m.75 views

CVE-2017-17301

CVE-2017-17301 relates to a weak cryptography vulnerability in a wide range of Huawei router/CE products (e.g., AR120-S, AR1200, AR200/AR3200, CloudEngine lines, ViewPoint, SMC, SRG, DP300, etc.). The root cause is improper parsing/validation of certificate values, enabling an unauthenticated rem...

9.8CVSS9.4AI score0.00991EPSS
CVE
CVE
added 2020/12/24 3:47 p.m.73 views

CVE-2020-9137

CVE-2020-9137 describes a privilege-escalation vulnerability in Huawei CloudEngine switches (12800, 5800, 6800, 7800) caused by insufficient input validation. A local attacker with high privileges can run specially crafted scripts to achieve escalation. The NVD cites CVSSv3.1: 6.7 (LOCAL, HIGH pr...

6.7CVSS6.5AI score0.00213EPSS
CVE
CVE
added 2021/04/28 12:10 p.m.71 views

CVE-2021-22332

CVE-2021-22332 is a pointer double-free vulnerability reported in Huawei CloudEngine switches (5800/6800/7800/12800). The issue arises when a function copies the same memory pointer to two modules, enabling a double free that can crash the affected module and potentially disrupt normal service. P...

7.5CVSS7.4AI score0.00677EPSS
CVE
CVE
added 2021/08/23 7:29 p.m.70 views

CVE-2021-22328

CVE-2021-22328 describes a denial-of-service vulnerability in Huawei CloudEngine switches (12800, 5800, 6800, 7800) running V200R005C00SPC800. The issue arises from improper packet handling in specific scenarios, which can cause some services to behave abnormally. The vulnerability is associated ...

7.5CVSS7.4AI score0.00677EPSS
CVE
CVE
added 2021/10/27 12:36 a.m.70 views

CVE-2021-37122

CVE-2021-37122 is a confirmed use-after-free (UAF) vulnerability disclosed in Huawei CloudEngine products. Affected models include CloudEngine 12800 (V200R005C10SPC800, V200R019C00SPC800), 5800 (V200R005C10SPC800, V200R019C00SPC800), 6800 (V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800),...

6.5CVSS6.3AI score0.0026EPSS
CVE
CVE
added 2022/01/31 3:57 p.m.70 views

CVE-2021-40042

CVE-2021-40042 is an invalid pointer vulnerability affecting Huawei CloudEngine devices (12800: V200R019C10SPC800/SPC900; 5800: V200R019C10SPC800, V200R020C00SPC600; 6800: V200R019C10SPC800/900, V200R020C00SPC600, V300R020C00SPC200; 7800: V200R019C10SPC800). Root cause: invalid pointer dereferenc...

6.5CVSS6.4AI score0.00562EPSS
CVE
CVE
added 2022/01/31 3:57 p.m.68 views

CVE-2021-40033

CVE-2021-40033 describes an information exposure vulnerability affecting Huawei CloudEngine switches: 12800, 5800, 6800, and 7800 series across multiple firmware versions (e.g., 12800 V200R005C10SPC800; 5800 V200R005C10SPC800, V200R019C00SPC800; 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019...

5.5CVSS5.1AI score0.00169EPSS
CVE
CVE
added 2017/11/22 7:0 p.m.67 views

CVE-2017-8147

CVE-2017-8147 corresponds to a MaxAge LSA vulnerability in OSPF on Huawei products (e.g., AC6005/AC6605/CloudEngine series, S-series, USG/SECOSPACE lines, etc.). The issue arises from improper OSPF handling, where receiving specific LSA packets causes the Link State Age to be set to MaxAge (3600 ...

7.5CVSS7.4AI score0.00965EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.66 views

CVE-2016-8790

CVE-2016-8790 affects Huawei CloudEngine switches (5800/6800/7800/8800/12800) with software before V200R001C00SPC700. The issue is a buffer overflow in the Connectivity Fault Management (CFM) feature when MEP is configured; an adjacent attacker sending crafted packets can cause the main control b...

5.7CVSS5.7AI score0.00482EPSS
CVE
CVE
added 2020/07/17 10:59 p.m.64 views

CVE-2020-9102

CVE-2020-9102 is an information-disclosure vulnerability in Huawei CloudEngine products caused by improper management of usernames. Affected are CloudEngine 12800 (V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800), CloudEngine 5800 (V200R002C50SPC800, ...

3.3CVSS3.8AI score0.00199EPSS
CVE
CVE
added 2020/12/29 5:57 p.m.61 views

CVE-2020-9207

CVE-2020-9207 describes an improper authentication vulnerability in Huawei CloudEngine products. A module fails to verify input files, allowing attackers to craft malicious files to bypass verification and potentially disrupt normal service. Connected sources confirm the issue affects Huawei Clou...

7.8CVSS7.7AI score0.00559EPSS
CVE
CVE
added 2021/04/28 11:36 a.m.58 views

CVE-2021-22393

CVE-2021-22393 affects Huawei CloudEngine switches (5800/6800/7800/12800). A module-design weakness causes the device to mishandle certain messages, enabling attackers to trigger a denial of service by sending a large number of specific messages, impacting normal service. Public references in Hua...

7.5CVSS7.3AI score0.00677EPSS
CVE
CVE
added 2021/01/13 10:20 p.m.57 views

CVE-2020-1865

CVE-2020-1865 : Huawei CloudEngine products have an out-of-bounds read when parsing certain PIM messages. An adjacent attacker could send crafted PIM messages to trigger data reads past the buffer, potentially causing impact as described in the sources. The vulnerability is documented with CVSS m...

6.5CVSS6.4AI score0.00332EPSS
CVE
CVE
added 2020/12/29 5:17 p.m.53 views

CVE-2020-9124

This entry concerns CVE-2020-9124, a memory-leak vulnerability in Huawei CloudEngine. Affected software is Huawei CloudEngine products; root cause is improper memory release leading to a memory leak when a specific message is processed by an unauthenticated, remote attacker. Impact is partial ava...

7.5CVSS7.5AI score0.00916EPSS
CVE
CVE
added 2018/02/15 4:0 p.m.50 views

CVE-2017-15349

CVE-2017-15349 affects Huawei CloudEngine switches (12800, 5800, 6800, 7800 series across multiple V100R0xxC0x releases). The issue is a memory leak caused by failure to release memory when handling RSVP packets, exploitable by unauthenticated remote senders over the network, leading to DoS via r...

7.5CVSS7.5AI score0.00967EPSS
CVE
CVE
added 2020/12/29 5:28 p.m.50 views

CVE-2020-9094

CVE-2020-9094 describes an out-of-bounds read vulnerability affecting Huawei CloudEngine products. The issue arises when a module fails to properly handle a specific message, allowing an attacker to cause a denial of service by sending a crafted packet. The CVE entry aligns with Huawei’s advisory...

7.5CVSS7.3AI score0.00736EPSS
CVE
CVE
added 2021/12/13 3:48 p.m.50 views

CVE-2021-40008

Huawei CloudEngine switches (12800/5800/6800/7800, firmware version V200R019C00SPC800) suffer a memory-leak vulnerability: the parser fails to properly track and release memory when handling crafted binary messages, potentially leading to memory exhaustion. The issue is network-exploitable (low a...

7.5CVSS7.4AI score0.00655EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.47 views

CVE-2016-8795

CVE-2016-8795 describes an integer overflow in IPFPM handling on several Huawei devices. Affected products include Huawei CloudEngine 12800, 5800, 6800, 7800, 8800 and Secospace USG6600, across multiple OS versions listed in the Huawei advisory. Remote, unauthenticated attackers can craft specifi...

7.1CVSS5.9AI score0.01185EPSS
CVE
CVE
added 2017/04/02 8:0 p.m.42 views

CVE-2016-8780

CVE-2016-8780 affects Huawei CloudEngine devices: 6800 (V100R006C00), 7800 (V100R006C00), 8800 (V100R006C00), and 12800 (V100R006C00). The issue allows remote attackers with specific permissions to store massive files, exhausting shared storage and causing a DoS. Root cause is improper management...

6.8CVSS6.4AI score0.01334EPSS