Product:

Cloudengine_12800_firmware

(Huawei)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 28
Date Id Summary Products Score Patch Annotated
2021-04-28 CVE-2021-22332 There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 7.5
2021-05-27 CVE-2021-22362 There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions... Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 5.3
2021-08-23 CVE-2021-22328 There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 7.5
2021-10-27 CVE-2021-37122 There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 6.5
2021-12-13 CVE-2021-40008 There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 7.5
2022-01-31 CVE-2021-40033 There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 5.5
2022-01-31 CVE-2021-40042 There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800. Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware 6.5
2019-12-13 CVE-2019-5248 CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device. Cloudengine_12800_firmware 7.4
2019-12-13 CVE-2019-5291 Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Cloudengine_12800_firmware, Netengine16ex_firmware, S6700_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware N/A
2018-02-15 CVE-2017-17301 Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10,... Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Dp300_firmware, Espace_iad_firmware, Espace_u1981_firmware, Espace_usm_firmware, Smc2\.0_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Te30_firmware, Te60_firmware, Viewpoint_8660_firmware, Vp9660_firmware 9.8