CVE-2021-37129 Information

Description

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00V500R005C20;S12700 V200R010C00SPC600V200R011C10SPC500V200R011C10SPC600V200R013C00SPC500V200R019C00SPC200V200R019C00SPC500V200R019C10SPC200V200R020C00V200R020C10;S1700 V200R010C00SPC600V200R011C10SPC500V200R011C10SPC600;S2700 V200R010C00SPC600V200R011C10SPC500V200R011C10SPC600;S5700 V200R010C00SPC600V200R010C00SPC700V200R011C10SPC500V200R011C10SPC600V200R019C00SPC500;S6700 V200R010C00SPC600V200R011C10SPC500V200R011C10SPC600;S7700 V200R010C00SPC600V200R010C00SPC700V200R011C10SPC500V200R011C10SPC600;S9700 V200R010C00SPC600V200R011C10SPC500V200R011C10SPC600;USG9500 V500R005C00V500R005C20.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5