CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22361

There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

Products affected by CVE-2021-22361

Huawei » Ecns280 » Version: N/A

cpe:2.3:h:huawei:ecns280:-
Huawei » Ese620x Vess » Version: N/A

cpe:2.3:h:huawei:ese620x_vess:-
Huawei » Ecns280 Firmware » Version: v100r005c00

cpe:2.3:o:huawei:ecns280_firmware:v100r005c00
Huawei » Ecns280 Firmware » Version: v100r005c10

cpe:2.3:o:huawei:ecns280_firmware:v100r005c10
Huawei » Ese620x Vess Firmware » Version: v100r001c10spc200

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c10spc200
Huawei » Ese620x Vess Firmware » Version: v100r001c20spc200

cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c20spc200

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22361

Products

Pricing

Contact Us