Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Huawei Subscribe
Filtered by product Taurus-al00a
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22304 1 Huawei 2 Taurus-al00a, Taurus-al00a Firmware 2021-02-10 2.1 LOW 3.3 LOW
There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service.
CVE-2021-22302 1 Huawei 2 Taurus-al00a, Taurus-al00a Firmware 2021-02-10 3.6 LOW 7.1 HIGH
There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service.
CVE-2021-22303 1 Huawei 2 Taurus-al00a, Taurus-al00a Firmware 2021-02-10 4.3 MEDIUM 3.3 LOW
There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service.
CVE-2021-22293 1 Huawei 4 Campusinsight, Manageone, Taurus-al00a and 1 more 2021-02-10 5.0 MEDIUM 7.5 HIGH
Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1).
CVE-2020-9093 1 Huawei 2 Taurus-al00a, Taurus-al00a Firmware 2020-12-30 4.3 MEDIUM 5.5 MEDIUM
There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application with common privilege. This would compromise normal service.
CVE-2020-9087 1 Huawei 2 Taurus-al00a, Taurus-al00a Firmware 2020-10-16 2.1 LOW 5.5 MEDIUM
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information leak.