Ese620x Vess Firmware

ese620x_vess_firmware

Vendor: Huawei • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-39999 1Huawei 1Ese620x Vess Firmware Nov 21, 2024 Jul 12, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validati...Show more There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.Show less
CVE-2021-39995 1Huawei 2Ecns280 Td Firmware Ese620x Vess Firmware Nov 21, 2024 Nov 29, 2021 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product...Show more Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.Show less
CVE-2021-22396 1Huawei 2Ecns280 Td Firmware Ese620x Vess Firmware Nov 21, 2024 Aug 2, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful expl...Show more There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200.Show less
CVE-2021-22383 1Huawei 2Ecns280 Td Firmware Ese620x Vess Firmware Nov 21, 2024 Jun 22, 2021 N/A· v4 4.9 MEDIUM· v3 6.8 MEDIUM· v2 There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an ou...Show more There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an out-of-bounds read vulnerability. An attacker can exploit this vulnerability by sending a specific message to the target device, which could cause a Denial of Service (DoS).Show less
CVE-2021-22366 1Huawei 1Ese620x Vess Firmware Nov 21, 2024 Jun 22, 2021 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read...Show more There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS).Show less
CVE-2021-22365 1Huawei 1Ese620x Vess Firmware Nov 21, 2024 Jun 22, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due...Show more There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal.Show less
CVE-2021-22361 1Huawei 2Ecns280 Firmware Ese620x Vess Firmware Nov 21, 2024 Jun 22, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch p...Show more There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service.Show less