Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-7994

UNKNOWN
Published 2018-07-31T14:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-7994. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Huawei Technologies Co., Ltd.

NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500

Affected Versions:

IPS Module V500R001C50 NGFW Module V500R001C50 V500R002C10 NIP6300 V500R001C50 NIP6600 V500R001C50 NIP6800 V500R001C50 Secospace USG6600 V500R001C50 USG9500 V500R001C50

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-jfrw-3j8q-2c86

Advisory Details

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-7994
WEB http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-en

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180704-01-firewall-en
Published: 2018-07-31T14:00:00
Last Modified: 2024-08-05T06:37:59.640Z
Copied to clipboard!