Filtered by vendor Huawei
Subscriptions
Filtered by product Ecns280 Firmware
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-22361 | 1 Huawei | 4 Ecns280, Ecns280 Firmware, Ese620x Vess and 1 more | 2024-11-21 | 7.8 High |
There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service. | ||||
CVE-2021-22338 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2024-11-21 | 5.3 Medium |
There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service. | ||||
CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2024-11-21 | 7.5 High |
There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. |
Page 1 of 1.