{ "id": "CVE-2021-22411", "sourceIdentifier": "psirt@huawei.com", "published": "2021-05-27T13:15:08.043", "lastModified": "2021-06-07T16:56:48.630", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.Affected product versions include: NGFW Module versions V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;USG9500 versions V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei. El c\u00f3digo de un m\u00f3dulo presenta una l\u00f3gica de juicio err\u00f3neo. Unos atacantes pueden explotar esta vulnerabilidad mediante al llevar a cabo m\u00faltiples actividades anormales para desencadenar la l\u00f3gica incorrecta y causar una escritura fuera de l\u00edmites. Esto puede comprometer el servicio normal de las versiones de producto module.Affected incluyen: versiones NGFW M\u00f3dulo V500R005C00SPC100, V500R005C00SPC200, versiones Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; versiones Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; versiones USG9500 V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-787" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*", "matchCriteriaId": "3D8E3300-4E1E-433A-87D9-983F9C1CE2B7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc600:*:*:*:*:*:*:*", "matchCriteriaId": "7D2F8A0A-AA2F-4144-923A-4B461B1A3E99" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60spc500:*:*:*:*:*:*:*", "matchCriteriaId": "26CBEDA1-F057-489F-9255-C178272208CA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200:*:*:*:*:*:*:*", "matchCriteriaId": "2FA2444C-EE5E-4DFC-A9F8-4744059EF7DC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc600:*:*:*:*:*:*:*", "matchCriteriaId": "203B31A8-8C5C-42E8-8D4F-861F90FC16FE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60spc500:*:*:*:*:*:*:*", "matchCriteriaId": "CF816E5F-2082-4460-ABF9-93726C5879A6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "F0DA1F00-D38C-40AF-A14D-D5EE0B0A3751" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*", "matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*", "matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*", "matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*", "matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "BE7369E3-5F3F-40D1-8690-95192131B683" }, { "vulnerable": true, "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "ADA71C5D-4B11-401D-AEC9-907204C21476" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C" } ] } ] } ], "references": [ { "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-02-outofbounds-en", "source": "psirt@huawei.com", "tags": [ "Vendor Advisory" ] } ] }