Buffer Overflow Vulnerability in Huawei eSE620X Products
CVE-2021-39999

7.5HIGH

Key Information:

Vendor: Huawei
Status: Ese620x Vess
Vendor: CVE Published:; 12 July 2022

Summary

A buffer overflow vulnerability exists in Huawei's eSE620X products, specifically in the vESS V100R001C10SPC200 and V100R001C20SPC200 versions. This vulnerability allows an attacker to exploit the system by sending specially crafted messages due to inadequate validation of incoming packets. If successfully exploited, this flaw could lead to a denial of service condition, impacting the availability of the affected devices. Organizations using vulnerable versions are advised to implement appropriate security measures to mitigate potential risks.

Affected Version(s)

eSE620X vESS V100R001C10SPC200,V100R001C20SPC200

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 12, 2022
Vulnerability Reserved
Aug 23, 2021