CVE-2021-39999Classic Buffer Overflow in Huawei Ese620x Vess Firmware

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 57.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Ese620x Vess Firmware
Timeline
PublishedJul 12
Latest updateJul 13

Description

There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5huawei/ese620x_vess_firmwareV100R001C10SPC200,V100R001C20SPC200
NVDhuawei/ese620x_vess_firmwarev100r001c10spc200, v100r001c20spc200+1

🔴Vulnerability Details

2
GHSA
GHSA-cf47-5h63-vm9m: There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC2002022-07-13
CVEList
CVE-2021-39999: There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC2002022-07-11