CVE-2021-22357: Input Validation
First published: Mon Aug 23 2021(Updated: )
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei S12700 Firmware | =v200r013c00spc500 | |
| Huawei S12700 Firmware | =v200r019c00spc500 | |
| Huawei S12700 | ||
| Huawei S5700 Firmware | =v200r013c00spc500 | |
| Huawei S5700 Firmware | =v200r019c00spc500 | |
| Huawei S5700 | ||
| Huawei S6700 Firmware | =v200r013c00spc500 | |
| Huawei S6700 Firmware | =v200r019c00spc500 | |
| Huawei S6700 | ||
| Huawei S7700 Firmware | =v200r013c00spc500 | |
| Huawei S7700 Firmware | =v200r019c00spc500 | |
| Huawei S7700 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this denial of service vulnerability in Huawei products?
The vulnerability ID is CVE-2021-22357.
What is the severity level of CVE-2021-22357?
The severity level of CVE-2021-22357 is high with a score of 7.5.
Which Huawei products are affected by CVE-2021-22357?
Huawei S12700 Firmware (v200r013c00spc500, v200r019c00spc500), Huawei S5700 Firmware (v200r013c00spc500, v200r019c00spc500), Huawei S6700 Firmware (v200r013c00spc500, v200r019c00spc500), Huawei S7700 Firmware (v200r013c00spc500, v200r019c00spc500).
How can an attacker exploit CVE-2021-22357?
An attacker can exploit this vulnerability by sending specific messages to the affected module.
Is there a fix available for CVE-2021-22357?
Please refer to the Huawei Security Advisory for information on available fixes.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/huawei
- canonical/huawei s12700 firmware
- version/huawei s12700 firmware/v200r013c00spc500
- version/huawei s12700 firmware/v200r019c00spc500
- canonical/huawei s12700
- canonical/huawei s5700 firmware
- version/huawei s5700 firmware/v200r013c00spc500
- version/huawei s5700 firmware/v200r019c00spc500
- canonical/huawei s5700
- canonical/huawei s6700 firmware
- version/huawei s6700 firmware/v200r013c00spc500
- version/huawei s6700 firmware/v200r019c00spc500
- canonical/huawei s6700
- canonical/huawei s7700 firmware
- version/huawei s7700 firmware/v200r013c00spc500
- version/huawei s7700 firmware/v200r019c00spc500
- canonical/huawei s7700