Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-22360

There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG9500. An authentication attacker needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.

Published

2021-05-27T13:15:07.930

Last Modified

2024-11-21T05:49:58.483

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-770

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	usg9500_firmware	v500r001c60spc500	Yes
Operating System	huawei	usg9500_firmware	v500r005c00spc100	Yes
Operating System	huawei	usg9500_firmware	v500r005c00spc200	Yes
Hardware	huawei	usg9500	-	No

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-resource-en Vendor Advisory ([email protected])
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-01-resource-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)