Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.
2021-11-29T16:15:07.447
2024-11-21T06:20:42.557
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:N/I:N/A:C
8.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | huawei | ecns280_td_firmware | v100r005c10 | Yes |
| Hardware | huawei | ecns280_td | - | No |
| Operating System | huawei | ese620x_vess_firmware | v100r001c10spc200 | Yes |
| Operating System | huawei | ese620x_vess_firmware | v100r001c20spc200 | Yes |
| Operating System | huawei | ese620x_vess_firmware | v200r001c00spc300 | Yes |
| Hardware | huawei | ese620x_vess | - | No |