CVE-2021-22362

Name of the Vulnerable Software and Affected Versions: CloudEngine 12800 versions V200R002C50SPC800 through V200R019C10SPC800 CloudEngine 5800 versions V200R002C50SPC800 through V200R019C10SPC800 CloudEngine 6800 versions V200R002C50SPC800 through V200R019C10SPC800 CloudEngine 7800 versions V200R002C50SPC800 through V200R019C10SPC800

Description: There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.

Recommendations: For CloudEngine 12800 versions V200R002C50SPC800 through V200R019C10SPC800, update to a version that includes the fix for this vulnerability. For CloudEngine 5800 versions V200R002C50SPC800 through V200R019C10SPC800, update to a version that includes the fix for this vulnerability. For CloudEngine 6800 versions V200R002C50SPC800 through V200R019C10SPC800, update to a version that includes the fix for this vulnerability. For CloudEngine 7800 versions V200R002C50SPC800 through V200R019C10SPC800, update to a version that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to the vulnerable devices to minimize the risk of exploitation.