CVE-2021-22365

CWE-125Out-of-bounds Read3 documents3 sources
Severity
3.3LOW
EPSS
0.0%
top 93.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Ese620x Vess Firmware
Timeline
PublishedJun 22
Latest updateMay 24

Description

There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ese620x_vessV100R001C10SPC200,V100R001C20SPC200,V200R001C00SPC300
NVDhuawei/ese620x_vess_firmwarev100r001c10spc200, v100r001c20spc200, v200r001c00spc300+2

🔴Vulnerability Details

2
GHSA
GHSA-4fhw-qjg6-gcq8: There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC3002022-05-24
CVEList
CVE-2021-22365: There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC3002021-06-22
CVE-2021-22365 (LOW CVSS 3.3) | There is an out of bounds read vuln | cvebase.io