Vulnerability Description
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Ips Module Firmware | v500r005c00spc100 |
| Huawei | Ips Module | - |
| Huawei | Ngfw Module Firmware | v500r005c00spc100 |
| Huawei | Ngfw Module | - |
| Huawei | Nip6600 Firmware | v500r001c30spc200 |
| Huawei | Nip6600 | - |
| Huawei | Nip6800 Firmware | v500r001c60spc500 |
| Huawei | Nip6800 | - |
| Huawei | Secospace Usg6300 Firmware | v500r001c30spc200 |
| Huawei | Secospace Usg6300 | - |
| Huawei | Secospace Usg6500 Firmware | v500r001c30spc200 |
| Huawei | Secospace Usg6500 | - |
| Huawei | Secospace Usg6600 Firmware | v500r001c30spc200 |
| Huawei | Secospace Usg6600 | - |
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-enVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-enVendor Advisory
FAQ
What is CVE-2021-22320?
CVE-2021-22320 is a vulnerability with a CVSS score of 7.5 (HIGH). There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affec...
How severe is CVE-2021-22320?
CVE-2021-22320 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22320?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ips Module Firmware, Huawei Ips Module, Huawei Ngfw Module Firmware, Huawei Ngfw Module, Huawei Nip6600 Firmware.