Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-37129
HistoryOct 27, 2021 - 1:15 a.m.

CVE-2021-37129

2021-10-2701:15:07
CWE-787
[email protected]
web.nvd.nist.gov
5
vulnerability
out of bounds write
huawei products
denial of service
ips module
ngfw module
nip6600
s12700
s1700
s2700
s5700
s6700
s7700
s9700
usg9500
input parameter.

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.8%

JSON

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.

Affected configurations

Nvd
Node
huaweiips_module_firmwareMatchv500r005c00
OR
huaweiips_module_firmwareMatchv500r005c20
AND
huaweiips_moduleMatch-
Node
huaweingfw_module_firmwareMatchv500r005c00
AND
huaweingfw_moduleMatch-
Node
huaweinip6600_firmwareMatchv500r005c00
OR
huaweinip6600_firmwareMatchv500r005c20
AND
huaweinip6600Match-
Node
huaweis12700_firmwareMatchv200r010c00spc600
OR
huaweis12700_firmwareMatchv200r011c10spc500
OR
huaweis12700_firmwareMatchv200r011c10spc600
OR
huaweis12700_firmwareMatchv200r013c00spc500
OR
huaweis12700_firmwareMatchv200r019c00spc200
OR
huaweis12700_firmwareMatchv200r019c00spc500
OR
huaweis12700_firmwareMatchv200r019c10spc200
OR
huaweis12700_firmwareMatchv200r020c00
OR
huaweis12700_firmwareMatchv200r020c10
AND
huaweis12700Match-
Node
huaweis1700_firmwareMatchv200r010c00spc600
OR
huaweis1700_firmwareMatchv200r011c10spc500
OR
huaweis1700_firmwareMatchv200r011c10spc600
AND
huaweis1700Match-
Node
huaweis2700_firmwareMatchv200r010c00spc600
OR
huaweis2700_firmwareMatchv200r011c10spc500
OR
huaweis2700_firmwareMatchv200r011c10spc600
AND
huaweis2700Match-
Node
huaweis5700_firmwareMatchv200r010c00spc600
OR
huaweis5700_firmwareMatchv200r010c00spc700
OR
huaweis5700_firmwareMatchv200r011c10spc500
OR
huaweis5700_firmwareMatchv200r011c10spc600
OR
huaweis5700_firmwareMatchv200r019c00spc500
AND
huaweis5700Match-
Node
huaweis6700_firmwareMatchv200r010c00spc600
OR
huaweis6700_firmwareMatchv200r011c10spc500
OR
huaweis6700_firmwareMatchv200r011c10spc600
AND
huaweis6700Match-
Node
huaweis7700_firmwareMatchv200r010c00spc600
OR
huaweis7700_firmwareMatchv200r010c00spc700
OR
huaweis7700_firmwareMatchv200r011c10spc500
OR
huaweis7700_firmwareMatchv200r011c10spc600
AND
huaweis7700Match-
Node
huaweis9700_firmwareMatchv200r010c00spc600
OR
huaweis9700_firmwareMatchv200r011c10spc500
OR
huaweis9700_firmwareMatchv200r011c10spc600
AND
huaweis9700Match-
Node
huaweiusg9500_firmwareMatchv500r005c00
OR
huaweiusg9500_firmwareMatchv500r005c20
AND
huaweiusg9500Match-
VendorProductVersionCPE
huaweiips_module_firmwarev500r005c00cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*
huaweiips_module_firmwarev500r005c20cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*
huaweiips_module-cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*
huaweingfw_module_firmwarev500r005c00cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*
huaweingfw_module-cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r005c00cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r005c20cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*
huaweinip6600-cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*
huaweis12700_firmwarev200r010c00spc600cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
huaweis12700_firmwarev200r011c10spc500cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Rows per page:
1-10 of 481

Related

openvas 1
cnvd 1
cvelist 1
prion 1
huawei 1
cve 1
openvas
openvas
Huawei Data Communication: Out of Bounds Write Vulnerability in Some Huawei Products (huawei-sa-20211020-01-outofwrite)
2021-10-29 00:00:00
cnvd
cnvd
Multiple Huawei products cross the border to write vulnerabilities
2021-10-18 00:00:00
cvelist
cvelist
CVE-2021-37129
2021-10-27 00:41:44
prion
prion
Cross site scripting
2021-10-27 01:15:00
huawei
huawei
Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products
2021-10-20 00:00:00
cve
cve
CVE-2021-37129
2021-10-27 01:15:07

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.8%

JSON
Related for NVD:CVE-2021-37129
openvas1cnvd1cvelist1prion1huawei1cve1