CVE-2021-22361
published 2021-06-22CVE-2021-22361: There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | ecns280_firmware | — | — |
| huawei | ecns280_firmware | — | — |
| huawei | ese620x_vess_firmware | — | — |
| huawei | ese620x_vess_firmware | — | — |