First published: Tue Jun 22 2021(Updated: )
There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS).
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Ese620x Vess Firmware | =v100r001c10spc200 | |
Huawei Ese620x Vess Firmware | =v100r001c20spc200 | |
Huawei Ese620x Vess Firmware | =v200r001c00spc300 | |
Huawei Ese620x Vess |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-22366 is an out-of-bounds read vulnerability in Huawei's eSE620X vESS firmware versions V100R001C10SPC200, V100R001C20SPC200, and V200R001C00SPC300.
The severity of CVE-2021-22366 is medium, with a CVSS score of 5.5.
CVE-2021-22366 affects Huawei's eSE620X vESS firmware versions V100R001C10SPC200, V100R001C20SPC200, and V200R001C00SPC300.
An attacker can exploit CVE-2021-22366 by crafting messages between system processes to trigger an out-of-bounds read vulnerability.
For a fix, it is recommended to follow the patches and guidelines provided by Huawei in their security advisory.