CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39999
https://notcve.org/view.php?id=CVE-2021-39999
11 Jul 2022 — There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition. Se presenta una vulnerabilidad de desbordamiento del búfer en eSE620X vESS V100R001C10SPC200 y V100R001C20SPC200. Un atacante puede explotar esta vulnerabilidad mediante el envío de un mensaje específico al disposit... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211201-01-buffer-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-39995
https://notcve.org/view.php?id=CVE-2021-39995
29 Nov 2021 — Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. Algunos productos de Huawei usan el software OpenHpi para la administración del hardware. Una función que analiza los datos devueltos por OpenHpi contiene una vulnerabilidad de le... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211124-03-dos-en • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22396
https://notcve.org/view.php?id=CVE-2021-22396
02 Aug 2021 — There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200. Se presenta una vulnerabilidad de escalada de privilegios en algunos productos de Huawei. Debido a una inapropiada administración de priv... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-privilege-en • CWE-269: Improper Privilege Management •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22383
https://notcve.org/view.php?id=CVE-2021-22383
22 Jun 2021 — There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an out-of-bounds read vulnerability. An attacker can exploit this vulnerability by sending a specific message to the target device, which could cause a Denial of Service (DoS). Se presenta una vulnerabilidad de lectura fuera de límites en eCNS280_TD V100R005C10 y eSE620X vESS V100R001C10SPC200, V... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210616-01-cgp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22366
https://notcve.org/view.php?id=CVE-2021-22366
22 Jun 2021 — There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS). Se presenta una vulnerabilidad de lectura fuera de límites en eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. La vulnerabilidad es debido a... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-03-dos-en • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22365
https://notcve.org/view.php?id=CVE-2021-22365
22 Jun 2021 — There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal. Se presenta una vulnerabilidad de lectura fuera de límites en eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. Un atacante local puede explotar esta vulnera... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-02-outbounds-en • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22361
https://notcve.org/view.php?id=CVE-2021-22361
22 Jun 2021 — There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service. Se presenta una vulnerabilidad de autorización inapropiada en eCNS280 V100R005C00, V100R005C10 y eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-cgp-en •