CVE-2021-22366

CWE-125Out-of-bounds Read3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 94.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Ese620x Vess Firmware
Timeline
PublishedJun 22
Latest updateMay 24

Description

There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ese620x_vessV100R001C10SPC200,V100R001C20SPC200,V200R001C00SPC300
NVDhuawei/ese620x_vess_firmwarev100r001c10spc200, v100r001c20spc200, v200r001c00spc300+2

🔴Vulnerability Details

2
GHSA
GHSA-35fw-8rmc-f2j5: There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC3002022-05-24
CVEList
CVE-2021-22366: There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC3002021-06-22
CVE-2021-22366 (MEDIUM CVSS 5.5) | There is an out-of-bounds read vuln | cvebase.io