CVE-2021-22357
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
Affected (8)
Products: Huawei: S12700 Firmware, S5700 Firmware, S6700 Firmware, S7700 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r013c00spc500 |
| Running on/with | Platform Versions |
|---|---|
Huawei S12700 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r013c00spc500 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5700 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r013c00spc500 |
| Running on/with | Platform Versions |
|---|---|
Huawei S6700 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r013c00spc500 |
| Running on/with | Platform Versions |
|---|---|
Huawei S7700 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.