CVE-2021-22328

CWE-755 — Improper Exception Handling3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 60.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Cloudengine 12800 Firmware Huawei Cloudengine 5800 Firmware Huawei Cloudengine 6800 Firmware +1 more

Timeline

PublishedAug 23

Latest updateMay 24

Description

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶NVDhuawei/cloudengine_5800_firmwarev200r005c00spc800

▶NVDhuawei/cloudengine_6800_firmwarev200r005c00spc800

▶NVDhuawei/cloudengine_7800_firmwarev200r005c00spc800

▶NVDhuawei/cloudengine_12800_firmwarev200r005c00spc800

🔴Vulnerability Details

GHSA

GHSA-gw32-cjfh-w92v: There is a denial of service vulnerability in some huawei products↗2022-05-24

▶

CVEList

CVE-2021-22328: There is a denial of service vulnerability in some huawei products↗2021-08-23

▶