CVE-2021-22366

Опубликовано: 22 июн. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS).

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-03-dos-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-03-dos-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c10spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c20spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:ese620x_vess_firmware:v200r001c00spc300:*:*:*:*:*:*:*

cpe:2.3:h:huawei:ese620x_vess:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-35fw-8rmc-f2j5

github

больше 3 лет назад