CVE-2021-40033

There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800.

Published: Jan 31, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-40033
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
huawei / cloudengine_12800_firmware	200r005c10spc800	200r005c10spc800.x
huawei / cloudengine_5800_firmware	200r005c10spc800	200r005c10spc800.x
huawei / cloudengine_5800_firmware	200r019c00spc800	200r019c00spc800.x
huawei / cloudengine_6800_firmware	200r005c10spc800	200r005c10spc800.x
huawei / cloudengine_6800_firmware	200r005c20spc800	200r005c20spc800.x
huawei / cloudengine_6800_firmware	200r019c00spc800	200r019c00spc800.x
huawei / cloudengine_7800_firmware	200r005c10spc800	200r005c10spc800.x
huawei / cloudengine_7800_firmware	200r019c00spc800	200r019c00spc800.x

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220112-01-infodis-en

Vulnerability Database

289,599

CVE-2021-40033