CVE-2018-7994
N/A
N/A
Summary
Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | IPS Module V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | NGFW Module V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | V500R002C10 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | NIP6300 V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | NIP6600 V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | NIP6800 V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | Secospace USG6600 V500R001C50 | affected |
| Huawei Technologies Co., Ltd. | NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500 | USG9500 V500R001C50 | affected |
Weaknesses
- memory leak
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.