Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-22411
HistoryMay 27, 2021 - 1:15 p.m.

CVE-2021-22411

2021-05-2713:15:08
CWE-787
[email protected]
web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

28.6%

JSON

There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.Affected product versions include: NGFW Module versions V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;USG9500 versions V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200.

Affected configurations

NVD
Node
huaweingfw_module_firmwareMatchv500r005c00spc100
OR
huaweingfw_module_firmwareMatchv500r005c00spc200
AND
huaweingfw_moduleMatch-
Node
huaweisecospace_usg6300_firmwareMatchv500r001c30spc200
OR
huaweisecospace_usg6300_firmwareMatchv500r001c30spc600
OR
huaweisecospace_usg6300_firmwareMatchv500r001c60spc500
OR
huaweisecospace_usg6300_firmwareMatchv500r005c00spc100
OR
huaweisecospace_usg6300_firmwareMatchv500r005c00spc200
AND
huaweisecospace_usg6300Match-
Node
huaweisecospace_usg6500_firmwareMatchv500r001c30spc200
OR
huaweisecospace_usg6500_firmwareMatchv500r001c30spc600
OR
huaweisecospace_usg6500_firmwareMatchv500r001c60spc500
OR
huaweisecospace_usg6500_firmwareMatchv500r005c00spc100
OR
huaweisecospace_usg6500_firmwareMatchv500r005c00spc200
AND
huaweisecospace_usg6500Match-
Node
huaweisecospace_usg6600_firmwareMatchv500r001c30spc200
OR
huaweisecospace_usg6600_firmwareMatchv500r001c30spc600
OR
huaweisecospace_usg6600_firmwareMatchv500r001c60spc500
OR
huaweisecospace_usg6600_firmwareMatchv500r005c00spc100
OR
huaweisecospace_usg6600_firmwareMatchv500r005c00spc200
AND
huaweisecospace_usg6600Match-
Node
huaweiusg9500_firmwareMatchv500r001c60spc500
OR
huaweiusg9500_firmwareMatchv500r005c00spc100
OR
huaweiusg9500_firmwareMatchv500r005c00spc200
AND
huaweiusg9500Match-

Related

huawei 1
openvas 1
cvelist 1
cve 1
prion 1
huawei
huawei
Security Advisory - Out-of-Bounds Write Vulnerability in Some Huawei Products
2021-05-06 00:00:00
openvas
openvas
Huawei Data Communication: Out-of-Bounds Write Vulnerability in Some Huawei Products (huawei-sa-20210506-02-outofbounds)
2021-05-31 00:00:00
cvelist
cvelist
CVE-2021-22411
2021-05-27 12:12:55
cve
cve
CVE-2021-22411
2021-05-27 13:15:08
prion
prion
Cross site scripting
2021-05-27 13:15:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

28.6%

JSON
Related for NVD:CVE-2021-22411
huawei1openvas1cvelist1cve1prion1