CVE-2021-22362

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.2%

top 60.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Cloudengine 12800 Firmware Huawei Cloudengine 5800 Firmware Huawei Cloudengine 6800 Firmware +1 more

Timeline

PublishedMay 27

Latest updateMay 24

Description

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC81…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶NVDhuawei/cloudengine_5800_firmware6 versions+5

▶NVDhuawei/cloudengine_6800_firmware7 versions+6

▶NVDhuawei/cloudengine_7800_firmware6 versions+5

▶NVDhuawei/cloudengine_12800_firmware6 versions+5

🔴Vulnerability Details

GHSA

GHSA-6fwf-v5gg-p629: There is an out of bounds write vulnerability in some Huawei products↗2022-05-24

▶

CVEList

CVE-2021-22362: There is an out of bounds write vulnerability in some Huawei products↗2021-05-27

▶