CVE-2020-9124
HIGHHuawei CloudEngine 12800 5800 6800 7800 Firmware - Unauthenticated Memory Leak via Specific Message
Title source: llmDescription
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en
Scores
CVSS v3
7.5
EPSS
0.0031
EPSS Percentile
54.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (16)
huawei/cloudengine_12800_firmware
v200r002c50spc800
huawei/cloudengine_12800_firmware
v200r003c00spc810
huawei/cloudengine_12800_firmware
v200r005c00spc800
huawei/cloudengine_12800_firmware
v200r005c10spc800
huawei/cloudengine_5800_firmware
v200r002c50spc800
huawei/cloudengine_5800_firmware
v200r003c00spc810
huawei/cloudengine_5800_firmware
v200r005c00spc800
huawei/cloudengine_5800_firmware
v200r005c10spc800
huawei/cloudengine_6800_firmware
v200r002c50spc800
huawei/cloudengine_6800_firmware
v200r003c00spc810
... and 6 more
Published
Dec 29, 2020
Tracked Since
Feb 18, 2026