There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: huawei
Published: 2021-06-29T18:51:23
Updated: 2024-08-03T18:37:18.548Z
Reserved: 2021-01-05T00:00:00
Link: CVE-2021-22338
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-06-29T19:15:09.147
Modified: 2021-07-02T19:58:46.307
Link: CVE-2021-22338
Redhat
No data.