Ecns280 Firmware

ecns280_firmware

Vendor: Huawei • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-22338 1Huawei 1Ecns280 Firmware Nov 21, 2024 Jun 29, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, l...Show more There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service.Show less
CVE-2021-22361 1Huawei 2Ecns280 Firmware Ese620x Vess Firmware Nov 21, 2024 Jun 22, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch p...Show more There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service.Show less
CVE-2021-22292 1Huawei 1Ecns280 Firmware Nov 21, 2024 Feb 6, 2021 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing s...Show more There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS.Show less