Vulnerability Details CVE-2021-37122
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
References
Products affected by CVE-2021-37122
-
cpe:2.3:h:huawei:cloudengine_12800:-
-
cpe:2.3:h:huawei:cloudengine_5800:-
-
cpe:2.3:h:huawei:cloudengine_6800:-
-
cpe:2.3:h:huawei:cloudengine_7800:-
-
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800
-
cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800
-
cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800
-
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800
-
cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800
-
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800
-
cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800