CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-40042
https://notcve.org/view.php?id=CVE-2021-40042
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versions V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800. Se presenta una vulnerabilidad de puntero no válido en algunos productos de Huawei, una explotación con éxito puede causar que el proceso y el servicio sean anormales. Las versiones de producto afectadas incluyen: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6800 versiones V200R019C10SPC800, V200R019C10SPC900, V200R020C00SPC600, V300R020C00SPC200; CloudEngine 7800 V200R019C10SPC800 • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-invalid-en • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-39976
https://notcve.org/view.php?id=CVE-2021-39976
There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Se presenta una vulnerabilidad de escalada de privilegios en CloudEngine 5800 versión V200R020C00SPC600. Debido a una falta de restricciones de privilegios, un atacante local autenticado puede llevar a cabo una operación específica para explotar esta vulnerabilidad. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211103-01-privilege-en •