First published: Tue Jun 22 2021(Updated: )
There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Ecns280 Td Firmware | =v100r005c00 | |
Huawei Ecns280 Td Firmware | =v100r005c10 | |
Huawei Ecns280 Td |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-22378.
The affected software versions are eCNS280_TD V100R005C00 and V100R005C10.
The severity of CVE-2021-22378 is medium with a CVSS score of 5.3.
Successful exploitation of this vulnerability may cause the affected device to behave abnormally.
The vendor has provided a security advisory with mitigation steps. Please refer to the reference link for more information.