CVE-2021-40042 Information

Description

There is a release of invalid pointer vulnerability in some Huawei products successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800 V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800 V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800 V200R019C10SPC900 V200R020C00SPC600 V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5