1. Home
  2. CVE Database
  3. CVE-2020-9124
HIGH · 7.5

CVE-2020-9124

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected prod...

Vulnerability Description

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiCloudengine 12800 Firmwarev200r002c50spc800
HuaweiCloudengine 12800-
HuaweiCloudengine 5800 Firmwarev200r002c50spc800
HuaweiCloudengine 5800-
HuaweiCloudengine 6800 Firmwarev200r002c50spc800
HuaweiCloudengine 6800-
HuaweiCloudengine 7800 Firmwarev200r002c50spc800
HuaweiCloudengine 7800-

Related Weaknesses (CWE)

CWE-401

References

FAQ

What is CVE-2020-9124?

CVE-2020-9124 is a vulnerability with a CVSS score of 7.5 (HIGH). There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected prod...

How severe is CVE-2020-9124?

CVE-2020-9124 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9124?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Cloudengine 12800 Firmware, Huawei Cloudengine 12800, Huawei Cloudengine 5800 Firmware, Huawei Cloudengine 5800, Huawei Cloudengine 6800 Firmware.