Unknown
CVE-2021-22342
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-22342
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions V500R005C00, V500R005C10, V500R005C20; NGFW Module versions V500R005C00,V500R005C10, V500R005C20; SeMG9811 versions V500R005C00; USG9500 versions V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, V500R001C80, V500R005C00, V500R005C10, V500R005C20.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- ips module firmware v500r005c00,
- ips module firmware v500r005c10,
- ips module firmware v500r005c20,
- ngfw module firmware v500r005c00,
- ngfw module firmware v500r005c10,
- ngfw module firmware v500r005c20,
- semg9811 firmware v500r005c00,
- usg9500 firmware v500r001c00,
- usg9500 firmware v500r001c20,
- usg9500 firmware v500r001c30,
- usg9500 firmware v500r001c50,
- usg9500 firmware v500r001c60,
- usg9500 firmware v500r001c80,
- usg9500 firmware v500r005c00,
- usg9500 firmware v500r005c10,
- usg9500 firmware v500r005c20
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
