CVE-2021-22292

7.5HIGH

Key Information:

Vendor: Huawei
Status: Ecns280
Vendor: CVE Published:; 6 February 2021

Summary

There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS.

Affected Version(s)

eCNS280 V100R005C00

eCNS280 V100R005C10

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2021
Vulnerability Reserved
Jan 5, 2021