CVE-2021-40033 — Sensitive Information Exposure in Huawei Cloudengine 12800 Firmware

3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 92.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Cloudengine 12800 Firmware Huawei Cloudengine 5800 Firmware Huawei Cloudengine 6800 Firmware +1 more

Timeline

PublishedJan 31

Latest updateFeb 1

Description

There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDhuawei/cloudengine_5800_firmwarev200r005c10spc800, v200r019c00spc800+1

▶NVDhuawei/cloudengine_6800_firmwarev200r005c10spc800, v200r005c20spc800, v200r019c00spc800+2

▶NVDhuawei/cloudengine_7800_firmwarev200r005c10spc800, v200r019c00spc800+1

▶NVDhuawei/cloudengine_12800_firmwarev200r005c10spc800

🔴Vulnerability Details

GHSA

GHSA-qf3v-wv2c-rv42: There is an information exposure vulnerability on several Huawei Products↗2022-02-01

▶

CVEList

CVE-2021-40033: There is an information exposure vulnerability on several Huawei Products↗2022-01-31

▶