Vulnerabilities > CVE-2021-22310 - Information Exposure Through Log Files vulnerability in Huawei products

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

huawei

CWE-532

NVD

Published: 2021-03-22

Updated: 2021-03-26

Summary

There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Nip6300 Firmware V500R001C00 Huawei Nip6300 Firmware V500R001C20 Huawei Nip6300 Firmware V500R001C30 Huawei Nip6600 Firmware V500R001C00 Huawei Nip6600 Firmware V500R001C20 Huawei Nip6600 Firmware V500R001C30 Huawei Secospace Usg6300 Firmware V500R001C00 Huawei Secospace Usg6300 Firmware V500R001C20 Huawei Secospace Usg6300 Firmware V500R001C30 Huawei Secospace Usg6500 Firmware V500R001C00 Huawei Secospace Usg6500 Firmware V500R001C20 Huawei Secospace Usg6500 Firmware V500R001C30 Huawei Secospace Usg6600 Firmware V500R001C00 Huawei Secospace Usg6600 Firmware V500R001C20 Huawei Secospace Usg6600 Firmware V500R001C30 Huawei Secospace Usg6600 Firmware V500R001C50 Huawei Secospace Usg6600 Firmware V500R001C60 Huawei Secospace Usg6600 Firmware V500R001C80 Huawei Usg9500 Firmware V500R005C00 Huawei Usg9500 Firmware V500R005C10	20
Hardware	Huawei Huawei Nip6300 - Huawei Nip6600 - Huawei Secospace Usg6300 - Huawei Secospace Usg6500 - Huawei Secospace Usg6600 - Huawei Usg9500 -	6

Common Weakness Enumeration (CWE)

CWE-532 - Information Exposure Through Log Files

Common Attack Pattern Enumeration and Classification (CAPEC)

Fuzzing and observing application log data/errors for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. Fuzzing techniques involve sending random or malformed messages to a target and monitoring the target's response. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash. By observing logs and error messages, the attacker can learn details about the configuration of the target application and might be able to cause the target to disclose sensitive information.

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-plaintextlog-en