Denial of Service Vulnerability in Huawei CloudEngine Series
CVE-2021-22393

7.5HIGH

Key Information:

Vendor: Huawei
Status: Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800
Vendor: CVE Published:; 28 April 2021

What is CVE-2021-22393?

The design of the module in specific versions of Huawei's CloudEngine 5800, 6800, 7800, and 12800 series exposes them to a denial of service risk. Attackers can exploit this vulnerability by sending a targeted volume of malformed messages, which can overwhelm the affected systems and disrupt normal operational services. Ensuring your network devices are updated with the latest security patches is essential to mitigate this risk.

Affected Version(s)

CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800 V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2021
Vulnerability Reserved
Jan 5, 2021