Denial of Service Vulnerability in eCNS280 by Huawei
CVE-2021-22292

7.5HIGH

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
6 February 2021

Summary

A vulnerability exists in the eCNS280 product line that allows remote unauthorized attackers to exploit a design flaw. By sending a substantial number of carefully crafted messages, an attacker can deplete system resources, leading to service disruption and denial of access to legitimate users. Organizations using affected versions V100R005C00 and V100R005C10 are advised to implement immediate security measures to safeguard their systems.

Affected Version(s)

eCNS280 V100R005C00

eCNS280 V100R005C10

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.