CVE-2021-22328

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*

History

12 Jul 2022, 17:42

Type	Values Removed	Values Added
CWE	~~CWE-755~~	NVD-CWE-noinfo

30 Aug 2021, 16:20

Type	Values Removed	Values Added
CPE		cpe:2.3:h:huawei:cloudengine_5800:-:::::::* cpe:2.3:h:huawei:cloudengine_6800:-:::::::* cpe:2.3:h:huawei:cloudengine_7800:-:::::::* cpe:2.3:h:huawei:cloudengine_12800:-:::::::* cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:::::::* cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:::::::* cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:::::::* cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
References	~~(MISC) https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en -~~	(MISC) https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-dos-en - Vendor Advisory
CWE		CWE-755

23 Aug 2021, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-08-23 20:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-22328

Mitre link : CVE-2021-22328

CVE.ORG link : CVE-2021-22328

JSON object : View

Products Affected

huawei

cloudengine_7800_firmware
cloudengine_7800
cloudengine_12800_firmware
cloudengine_5800
cloudengine_12800
cloudengine_5800_firmware
cloudengine_6800_firmware
cloudengine_6800

CWE

NVD-CWE-noinfo

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-22328

7.5^/10

5.0^/10

Attach tags to `CVE-2021-22328`