CVE-2021-22383

Опубликовано: 22 июн. 2021

Источник: nvd

CVSS3: 4.9

CVSS2: 6.8

EPSS Низкий

Описание

There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an out-of-bounds read vulnerability. An attacker can exploit this vulnerability by sending a specific message to the target device, which could cause a Denial of Service (DoS).

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210616-01-cgp-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210616-01-cgp-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c10:*:*:*:*:*:*:*

cpe:2.3:h:huawei:ecns280_td:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c10spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c20spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:ese620x_vess_firmware:v200r001c00spc300:*:*:*:*:*:*:*

cpe:2.3:h:huawei:ese620x_vess:-:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00149

Низкий

4.9 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-6cwc-pxwm-p422

github

больше 3 лет назад