Lucene search

[email protected]CVE-2021-22320

HistoryMar 22, 2021 - 7:15 p.m.

CVE-2021-22320

2021-03-2219:15:11

[email protected]

web.nvd.nist.gov

cve-2021-22320

denial of service

huawei

ips module

ngfw module

nip6600

nip6800

secospace usg6300

secospace usg6500

secospace usg6600

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.7%

JSON

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.

Affected configurations

NVD

Node

huaweiips_module_firmwareMatchv500r005c00spc100

huaweiips_module_firmwareMatchv500r005c00spc200

huaweiips_module_firmwareMatchv500r005c20spc300

AND

huaweiips_moduleMatch-

Node

huaweingfw_module_firmwareMatchv500r005c00spc100

huaweingfw_module_firmwareMatchv500r005c00spc200

huaweingfw_module_firmwareMatchv500r005c20spc300

AND

huaweingfw_moduleMatch-

Node

huaweinip6600_firmwareMatchv500r001c30spc200

huaweinip6600_firmwareMatchv500r001c30spc600

huaweinip6600_firmwareMatchv500r001c60spc500

huaweinip6600_firmwareMatchv500r005c00spc100

huaweinip6600_firmwareMatchv500r005c00spc200

huaweinip6600_firmwareMatchv500r005c20spc300

huaweinip6600_firmwareMatchv500r005c20spc500

AND

huaweinip6600Match-

Node

huaweinip6800_firmwareMatchv500r001c60spc500

huaweinip6800_firmwareMatchv500r005c00spc100

huaweinip6800_firmwareMatchv500r005c00spc200

huaweinip6800_firmwareMatchv500r005c20spc300

huaweinip6800_firmwareMatchv500r005c20spc500

AND

huaweinip6800Match-

Node

huaweisecospace_usg6300_firmwareMatchv500r001c30spc200

huaweisecospace_usg6300_firmwareMatchv500r001c30spc600

huaweisecospace_usg6300_firmwareMatchv500r001c60spc500

huaweisecospace_usg6300_firmwareMatchv500r005c00spc100

huaweisecospace_usg6300_firmwareMatchv500r005c00spc200

huaweisecospace_usg6300_firmwareMatchv500r005c20spc300

huaweisecospace_usg6300_firmwareMatchv500r005c20spc500

AND

huaweisecospace_usg6300Match-

Node

huaweisecospace_usg6500_firmwareMatchv500r001c30spc200

huaweisecospace_usg6500_firmwareMatchv500r001c30spc600

huaweisecospace_usg6500_firmwareMatchv500r001c60spc500

huaweisecospace_usg6500_firmwareMatchv500r005c00spc100

huaweisecospace_usg6500_firmwareMatchv500r005c00spc200

huaweisecospace_usg6500_firmwareMatchv500r005c20spc300

huaweisecospace_usg6500_firmwareMatchv500r005c20spc500

AND

huaweisecospace_usg6500Match-

Node

huaweisecospace_usg6600_firmwareMatchv500r001c30spc200

huaweisecospace_usg6600_firmwareMatchv500r001c30spc600

huaweisecospace_usg6600_firmwareMatchv500r001c60spc500

huaweisecospace_usg6600_firmwareMatchv500r005c00spc100

huaweisecospace_usg6600_firmwareMatchv500r005c00spc200

huaweisecospace_usg6600_firmwareMatchv500r005c20spc300

huaweisecospace_usg6600_firmwareMatchv500r005c20spc500

AND

huaweisecospace_usg6600Match-

CPENameOperatorVersion
huawei:ips_module_firmwarehuawei ips module firmwareeqv500r005c00spc100
huawei:ips_module_firmwarehuawei ips module firmwareeqv500r005c00spc200
huawei:ips_module_firmwarehuawei ips module firmwareeqv500r005c20spc300

CPE	Name	Operator	Version
huawei:ips_module_firmware	huawei ips module firmware	eq	v500r005c00spc100
huawei:ips_module_firmware	huawei ips module firmware	eq	v500r005c00spc200
huawei:ips_module_firmware	huawei ips module firmware	eq	v500r005c20spc300

CNA Affected

[
  {
    "product": "IPS Module;NGFW Module;NIP6600;NIP6800;Secospace USG6300;Secospace USG6500;Secospace USG6600",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300"
      },
      {
        "status": "affected",
        "version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300,V500R005C20SPC500"
      },
      {
        "status": "affected",
        "version": "V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300,V500R005C20SPC500"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-en

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.7%

JSON

Related for CVE-2021-22320

prion1 cvelist1 openvas1 huawei1 nvd1