Filtered by vendor Huawei
Subscriptions
Filtered by product Ecns280
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2022-07-12 | 7.5 High |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | ||||
| CVE-2021-22361 | 1 Huawei | 4 Ecns280, Ecns280 Firmware, Ese620x Vess and 1 more | 2022-05-03 | 7.8 High |
| There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service. | ||||
| CVE-2021-22338 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2021-07-02 | 5.3 Medium |
| There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service. | ||||
Page 1 of 1.