7.5
CVE-2021-22357
- EPSS 0.18%
- Published 23.08.2021 20:15:14
- Last modified 21.11.2024 05:49:58
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ S12700 Firmware Versionv200r013c00spc500
Huawei ≫ S12700 Firmware Versionv200r019c00spc500
Huawei ≫ S5700 Firmware Versionv200r013c00spc500
Huawei ≫ S5700 Firmware Versionv200r019c00spc500
Huawei ≫ S6700 Firmware Versionv200r013c00spc500
Huawei ≫ S6700 Firmware Versionv200r019c00spc500
Huawei ≫ S7700 Firmware Versionv200r013c00spc500
Huawei ≫ S7700 Firmware Versionv200r019c00spc500
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.367 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.