1. Home
  2. CVE Database
  3. CVE-2021-22310
MEDIUM · 4.4

CVE-2021-22310

There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in ...

Vulnerability Description

There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10.

CVSS Score

4.4

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HuaweiNip6300 Firmwarev500r001c00
HuaweiNip6300-
HuaweiNip6600 Firmwarev500r001c00
HuaweiNip6600-
HuaweiSecospace Usg6300 Firmwarev500r001c00
HuaweiSecospace Usg6300-
HuaweiSecospace Usg6500 Firmwarev500r001c00
HuaweiSecospace Usg6500-
HuaweiSecospace Usg6600 Firmwarev500r001c00
HuaweiSecospace Usg6600-
HuaweiUsg9500 Firmwarev500r005c00
HuaweiUsg9500-

Related Weaknesses (CWE)

CWE-532

References

FAQ

What is CVE-2021-22310?

CVE-2021-22310 is a vulnerability with a CVSS score of 4.4 (MEDIUM). There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in ...

How severe is CVE-2021-22310?

CVE-2021-22310 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22310?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Nip6300 Firmware, Huawei Nip6300, Huawei Nip6600 Firmware, Huawei Nip6600, Huawei Secospace Usg6300 Firmware.