Vulnerability Description
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Nip6300 Firmware | v500r001c30 |
| Huawei | Nip6300 | - |
| Huawei | Nip6600 Firmware | v500r001c30 |
| Huawei | Nip6600 | - |
| Huawei | Nip6800 Firmware | v500r001c60 |
| Huawei | Nip6800 | - |
| Huawei | S12700 Firmware | v200r007c01 |
| Huawei | S12700 | - |
| Huawei | S1700 Firmware | v200r009c00spc200 |
| Huawei | S1700 | - |
| Huawei | S2700 Firmware | v200r008c00 |
| Huawei | S2700 | - |
| Huawei | S5700 Firmware | v200r008c00 |
| Huawei | S5700 | - |
| Huawei | S6700 Firmware | v200r008c00 |
| Huawei | S6700 | - |
| Huawei | S7700 Firmware | v200r008c00 |
| Huawei | S7700 | - |
| Huawei | S9700 Firmware | v200r007c01 |
| Huawei | S9700 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-enVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-enVendor Advisory
FAQ
What is CVE-2021-22321?
CVE-2021-22321 is a vulnerability with a CVSS score of 5.3 (MEDIUM). There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operat...
How severe is CVE-2021-22321?
CVE-2021-22321 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22321?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Nip6300 Firmware, Huawei Nip6300, Huawei Nip6600 Firmware, Huawei Nip6600, Huawei Nip6800 Firmware.