Vulnerabilities > CVE-2021-22304 - Use After Free vulnerability in Huawei Taurus-Al00A Firmware 10.0.0.1(C00E1R1P1)

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
huawei
CWE-416

Summary

There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service.

Vulnerable Configurations

Part Description Count
OS
Huawei
1
Hardware
Huawei
1

Common Weakness Enumeration (CWE)