CVE-2021-22360Allocation of Resources Without Limits or Throttling in Huawei Usg9500 Firmware

CWE-770Allocation of Resources Without Limits or Throttling3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 64.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Usg9500 Firmware
Timeline
PublishedMay 27
Latest updateMay 24

Description

There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG9500. An authentication attacker needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5huawei/usg9500_firmwareV500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200
NVDhuawei/usg9500_firmwarev500r001c60spc500, v500r005c00spc100, v500r005c00spc200+2

🔴Vulnerability Details

2
GHSA
GHSA-2p54-cq77-wrjr: There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG95002022-05-24
CVEList
CVE-2021-22360: There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG95002021-05-27
CVE-2021-22360 — Huawei Usg9500 Firmware vulnerability | cvebase