How severe is CVE-2018-7994?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2018-7994?

This is classified as CWE-772, which is a common weakness in software security.

CVE-2018-7994 - HIGH Severity | CVSS 7.5

Vulnerability Description

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

Related Vulnerabilities

CVE-1999-1127

HIGH

CVSS:7.5(High)

Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing m...

CWE-7721999

CVE-2001-0830

HIGH

CVSS:7.5(High)

6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to a...

CWE-7722001

CVE-2007-0897

HIGH

CVSS:7.5(High)

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scan...

CWE-7722007

CVE-2007-4103

HIGH

CVSS:7.5(High)

The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows ...

CWE-7722007

CVE-2008-2122

HIGH

CVSS:7.5(High)

IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a port scan, which spawns multiple bfagent server processes that attempt to read data from clo...

CWE-7722008

CVE-2010-4657

HIGH

CVSS:7.5(High)

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

CWE-7722010