CVE-2021-22356

Summary

There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.

Affected Software

VendorProductVersion RangeStatus
n/aIPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500V500R005C00SPC100,V500R005C00SPC200affected
n/aIPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200affected

Weaknesses

  • Weak Secure Algorithm

ADP Enrichment

CVE Program Container

Additional References

References