Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20211020-01-OUTOFWRITE
HistoryOct 20, 2021 - 12:00 a.m.

Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products

2021-10-2000:00:00
Huawei Technologies
www.huawei.com
79
huawei
vulnerability
out of bounds write

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.8%

JSON

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition. (Vulnerability ID: HWPSIRT-2021-34990)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-37129.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en&gt;

Affected configurations

Vulners
Node
huaweiips_module_firmwareMatchv500r005c00
OR
huaweiips_module_firmwareMatchv500r005c20
OR
huaweingfw_module_firmwareMatchv500r005c00
OR
huaweinip6600_firmwareMatchv500r005c00
OR
huaweinip6600_firmwareMatchv500r005c20
OR
huaweis12700_firmwareMatchv200r010c00spc600
OR
huaweis12700_firmwareMatchv200r011c10spc500
OR
huaweis12700_firmwareMatchv200r011c10spc600
OR
huaweis12700_firmwareMatchv200r013c00spc500
OR
huaweis12700_firmwareMatchv200r019c00spc200
OR
huaweis12700_firmwareMatchv200r019c00spc500
OR
huaweis12700_firmwareMatchv200r019c10spc200
OR
huaweis12700_firmwareMatchv200r020c00
OR
huaweis12700_firmwareMatchv200r020c10
OR
huaweis7700_firmwareMatchv200r010c00spc600
OR
huaweis7700_firmwareMatchv200r010c00spc700
OR
huaweis7700_firmwareMatchv200r011c10spc500
OR
huaweis7700_firmwareMatchv200r011c10spc600
OR
huaweis9700_firmwareMatchv200r010c00spc600
OR
huaweis9700_firmwareMatchv200r011c10spc500
OR
huaweis9700_firmwareMatchv200r011c10spc600
OR
huaweiusg9500_firmwareMatchv500r005c00
OR
huaweiusg9500_firmwareMatchv500r005c20
VendorProductVersionCPE
huaweiips_module_firmwarev500r005c00cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*
huaweiips_module_firmwarev500r005c20cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*
huaweingfw_module_firmwarev500r005c00cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r005c00cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r005c20cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*
huaweis12700_firmwarev200r010c00spc600cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
huaweis12700_firmwarev200r011c10spc500cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
huaweis12700_firmwarev200r011c10spc600cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
huaweis12700_firmwarev200r013c00spc500cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*
huaweis12700_firmwarev200r019c00spc200cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*
Rows per page:
1-10 of 231

Related

openvas 1
cnvd 1
cvelist 1
nvd 1
prion 1
cve 1
openvas
openvas
Huawei Data Communication: Out of Bounds Write Vulnerability in Some Huawei Products (huawei-sa-20211020-01-outofwrite)
2021-10-29 00:00:00
cnvd
cnvd
Multiple Huawei products cross the border to write vulnerabilities
2021-10-18 00:00:00
cvelist
cvelist
CVE-2021-37129
2021-10-27 00:41:44
nvd
nvd
CVE-2021-37129
2021-10-27 01:15:07
prion
prion
Cross site scripting
2021-10-27 01:15:00
cve
cve
CVE-2021-37129
2021-10-27 01:15:07

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.8%

JSON
Related for HUAWEI-SA-20211020-01-OUTOFWRITE
openvas1cnvd1cvelist1nvd1prion1cve1