There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.

UNKNOWN Nov 23, 2021

CVE-2021-22341

There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.

UNKNOWN Jun 29, 2021

CVE-2021-22312

There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.

UNKNOWN Apr 08, 2021

CVE-2019-5254

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

UNKNOWN Dec 13, 2019

CVE-2019-5255

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service.

UNKNOWN Dec 13, 2019

CVE-2019-5258

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

UNKNOWN Dec 13, 2019

CVE-2019-5257

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.

UNKNOWN Dec 13, 2019

IPS Module

Versions

V500R001C50SPC200

V500R005C00SPC102

V500R002C00

V500R001C60SPC100PWE

V200R008C50

V200R007C10

V500R001C20SPC200

V500R005C00,V500R005C10,V500R005C20

V500R003C00

V500R002C00SPC100

V500R005C00SPC100

V500R001C80PWE

V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200

V500R001C00SPC300

V500R001C30SPC600PWE

V200R005C01

V500R001C30SPC500

V500R005C00SPC100,V500R005C10SPC200

V500R002C00SPC300

V500R001C80

V100R001C20SPC100

V500R001C60SPC100

V500R001C50SPC200PWE

V500R002C10

V500R001C60

V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300

V500R001C60SPC300

V500R001C00SPC500PWE

V200R008C10

V500R005C10

V500R001C00SPC200

V200R005C02

V500R001C10SPC100

V500R001C50SPC300

V500R002C00SPC100PWE

V500R001C30SPC200

V500R001C00

V500R005C00

V500R002C00SPC200PWE

V200R007C20

V200R006C00

V500R001C30

V500R001C20SPC500

V100R001C20SPC200

V500R001C00SPC090

V500R005C20

V100R001C00SPC200

V500R001C50SPC100

V500R001C60SPC200PWE

V500R001C00SPC500

V200R005C20

V500R001C10SPC200

V500R001C20SPC101

V500R002C30PWE

V500R001C20SPC200B062

V200R007C00

V500R001C10

V200R011C00

V500R001C60SPC500

V500R001C00SPC700

V500R001C30SPC100PWE

V200R003C01

V500R001C30SPC300

V100R001C10SPC201

V500R001C20SPC300B078

V200R010C00

V500R001C20SPC100

V500R001C00SPC600

V200R003C00SPC100

V500R001C20

V500R002C30

V500R001C00SPH508

V200R008C20

V500R001C30SPC100

V500R001C50PWE

V500R002C20

V500R001C60SPC600

V200R005C03