Vulnerability Description
There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions V500R005C00, V500R005C10, V500R005C20; NGFW Module versions V500R005C00,V500R005C10, V500R005C20; SeMG9811 versions V500R005C00; USG9500 versions V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, V500R001C80, V500R005C00, V500R005C10, V500R005C20.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Ips Module Firmware | v500r005c00 |
| Huawei | Ips Module | - |
| Huawei | Ngfw Module Firmware | v500r005c00 |
| Huawei | Ngfw Module | - |
| Huawei | Semg9811 Firmware | v500r005c00 |
| Huawei | Semg9811 | - |
| Huawei | Usg9500 Firmware | v500r001c00 |
| Huawei | Usg9500 | - |
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210428-01-infomaVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210428-01-infomaVendor Advisory
FAQ
What is CVE-2021-22342?
CVE-2021-22342 is a vulnerability with a CVSS score of 4.9 (MEDIUM). There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some opera...
How severe is CVE-2021-22342?
CVE-2021-22342 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22342?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ips Module Firmware, Huawei Ips Module, Huawei Ngfw Module Firmware, Huawei Ngfw Module, Huawei Semg9811 Firmware.