Denial of Service Vulnerability in eCNS280 by Huawei
CVE-2021-22292

7.5HIGH

Key Information:

Vendor: Huawei
Status: Ecns280
Vendor: CVE Published:; 6 February 2021

Summary

A vulnerability exists in the eCNS280 product line that allows remote unauthorized attackers to exploit a design flaw. By sending a substantial number of carefully crafted messages, an attacker can deplete system resources, leading to service disruption and denial of access to legitimate users. Organizations using affected versions V100R005C00 and V100R005C10 are advised to implement immediate security measures to safeguard their systems.

Affected Version(s)

eCNS280 V100R005C00

eCNS280 V100R005C10

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2021
Vulnerability Reserved
Jan 5, 2021