1. Home
  2. CVE Database
  3. CVE-2021-22362
MEDIUM · 5.3

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient valida...

Vulnerability Description

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
HuaweiCloudengine 12800 Firmwarev200r002c50spc800
HuaweiCloudengine 12800-
HuaweiCloudengine 5800 Firmwarev200r002c50spc800
HuaweiCloudengine 5800-
HuaweiCloudengine 6800 Firmwarev200r002c50spc800
HuaweiCloudengine 6800-
HuaweiCloudengine 7800 Firmwarev200r002c50spc800
HuaweiCloudengine 7800-

Related Weaknesses (CWE)

CWE-787

References

FAQ

What is CVE-2021-22362?

CVE-2021-22362 is a vulnerability with a CVSS score of 5.3 (MEDIUM). There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient valida...

How severe is CVE-2021-22362?

CVE-2021-22362 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22362?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Cloudengine 12800 Firmware, Huawei Cloudengine 12800, Huawei Cloudengine 5800 Firmware, Huawei Cloudengine 5800, Huawei Cloudengine 6800 Firmware.