CVE-2021-40042

Name of the Vulnerable Software and Affected Versions CloudEngine 12800 versions V200R019C10SPC800 through V200R019C10SPC900 CloudEngine 5800 versions V200R019C10SPC800 through V200R020C00SPC600 CloudEngine 6800 versions V200R019C10SPC800 through V300R020C00SPC200 CloudEngine 7800 version V200R019C10SPC800

Description The issue is related to an invalid pointer vulnerability in some Huawei products. Successful exploitation may cause process and service abnormalities. The vulnerability can be exploited by a remote attacker using specially crafted messages, potentially leading to a denial of service.

Recommendations For CloudEngine 12800 versions V200R019C10SPC800 through V200R019C10SPC900, update to a fixed version to resolve the issue. For CloudEngine 5800 versions V200R019C10SPC800 through V200R020C00SPC600, update to a fixed version to resolve the issue. For CloudEngine 6800 versions V200R019C10SPC800 through V300R020C00SPC200, update to a fixed version to resolve the issue. For CloudEngine 7800 version V200R019C10SPC800, update to a fixed version to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable products until a patch is available.