Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2018-7994
Analyzed
More InfoOfficial Page
Source-psirt@huawei.com
View Known Exploited Vulnerability (KEV) details
Published At-31 Jul, 2018 | 14:29
Updated At-03 Oct, 2019 | 00:03

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>ips_module>>v500r001c50
cpe:2.3:o:huawei:ips_module:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>ips_module>>-
cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>ngfw_module>>v500r001c50
cpe:2.3:o:huawei:ngfw_module:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>ngfw_module>>v500r002c10
cpe:2.3:o:huawei:ngfw_module:v500r002c10:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>ngfw_module>>-
cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6300>>v500r001c50
cpe:2.3:o:huawei:nip6300:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6300>>-
cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6600>>v500r001c50
cpe:2.3:o:huawei:nip6600:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6600>>-
cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6800>>v500r001c50
cpe:2.3:o:huawei:nip6800:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6800>>-
cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600>>v500r001c50
cpe:2.3:o:huawei:secospace_usg6600:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600>>-
cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500>>v500r001c50
cpe:2.3:o:huawei:usg9500:v500r001c50:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500>>-
cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-772Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-enpsirt@huawei.com
Vendor Advisory
Change History
0Changes found
Details not found