Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-22320

Опубликовано: 22 мар. 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ips_module_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

Одно из

cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r005c20spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

Одно из

cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6800_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6800_firmware:v500r005c20spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

Одно из

cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c20spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

Одно из

cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c20spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*
Конфигурация 7

Одновременно

Одно из

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c20spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c20spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*

EPSS

Процентиль: 40%
0.00182
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-8j72-6cmw-672j

github
больше 3 лет назад

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.

EPSS

Процентиль: 40%
0.00182
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo