CVE-2018-7994
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.
Algunos productos Huawei IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 tienen una vulnerabilidad de filtrado de memoria. El software no libera la memoria asignada correctamente al procesar el cuestionario Protal. Un atacante remoto podría enviar muchos cuestionarios al dispositivo; su explotación con éxito podría provocar que el dispositivo se reinicie, ya que se quedaría sin memoria.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-09 CVE Reserved
- 2018-07-31 CVE Published
- 2024-06-09 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-en | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ips Module Search vendor "Huawei" for product "Ips Module" | v500r001c50 Search vendor "Huawei" for product "Ips Module" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ips Module Search vendor "Huawei" for product "Ips Module" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ngfw Module Search vendor "Huawei" for product "Ngfw Module" | v500r001c50 Search vendor "Huawei" for product "Ngfw Module" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ngfw Module Search vendor "Huawei" for product "Ngfw Module" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ngfw Module Search vendor "Huawei" for product "Ngfw Module" | v500r002c10 Search vendor "Huawei" for product "Ngfw Module" and version "v500r002c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ngfw Module Search vendor "Huawei" for product "Ngfw Module" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6300 Search vendor "Huawei" for product "Nip6300" | v500r001c50 Search vendor "Huawei" for product "Nip6300" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6300 Search vendor "Huawei" for product "Nip6300" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6600 Search vendor "Huawei" for product "Nip6600" | v500r001c50 Search vendor "Huawei" for product "Nip6600" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6600 Search vendor "Huawei" for product "Nip6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | v500r001c50 Search vendor "Huawei" for product "Nip6800" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | v500r001c50 Search vendor "Huawei" for product "Secospace Usg6600" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | v500r001c50 Search vendor "Huawei" for product "Usg9500" and version "v500r001c50" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|