ID

VAR-202103-0519


CVE

CVE-2021-22320


TITLE

plural  Huawei  Product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2021-010255

DESCRIPTION

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600. plural Huawei There are unspecified vulnerabilities in the product.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-22320 // JVNDB: JVNDB-2021-010255 // VULMON: CVE-2021-22320

AFFECTED PRODUCTS

vendor:huaweimodel:nip6600scope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:nip6800scope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c60spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r005c20spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c60spc500

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c30spc600

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c30spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c30spc600

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c30spc600

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c30spc200

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c30spc200

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r005c00spc200

Trust: 1.0

vendor:huaweimodel:nip6800scope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r005c20spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c30spc600

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c60spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c30spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r005c20spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:nip6800scope:eqversion:v500r005c20spc500

Trust: 1.0

vendor:huaweimodel:nip6800scope:eqversion:v500r001c60spc500

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r005c20spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c60spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r005c00spc100

Trust: 1.0

vendor:huaweimodel:nip6800scope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r005c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope: - version: -

Trust: 0.8

vendor:huaweimodel:secospace usg6300scope: - version: -

Trust: 0.8

vendor:huaweimodel:ips modulescope: - version: -

Trust: 0.8

vendor:huaweimodel:ngfw modulescope: - version: -

Trust: 0.8

vendor:huaweimodel:nip6800scope: - version: -

Trust: 0.8

vendor:huaweimodel:secospace usg6500scope: - version: -

Trust: 0.8

vendor:huaweimodel:nip6600scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-010255 // NVD: CVE-2021-22320

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22320
value: HIGH

Trust: 1.0

NVD: CVE-2021-22320
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202103-1280
value: HIGH

Trust: 0.6

VULMON: CVE-2021-22320
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-22320
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2021-22320
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-22320
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-22320 // JVNDB: JVNDB-2021-010255 // CNNVD: CNNVD-202103-1280 // NVD: CVE-2021-22320

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-010255 // NVD: CVE-2021-22320

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1280

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-1280

PATCH

title:huawei-sa-20210210-03-dosurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-en

Trust: 0.8

title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145659

Trust: 0.6

sources: JVNDB: JVNDB-2021-010255 // CNNVD: CNNVD-202103-1280

EXTERNAL IDS

db:NVDid:CVE-2021-22320

Trust: 3.3

db:JVNDBid:JVNDB-2021-010255

Trust: 0.8

db:CNNVDid:CNNVD-202103-1280

Trust: 0.6

db:VULMONid:CVE-2021-22320

Trust: 0.1

sources: VULMON: CVE-2021-22320 // JVNDB: JVNDB-2021-010255 // CNNVD: CNNVD-202103-1280 // NVD: CVE-2021-22320

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-en

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-22320

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2021-22320 // JVNDB: JVNDB-2021-010255 // CNNVD: CNNVD-202103-1280 // NVD: CVE-2021-22320

SOURCES

db:VULMONid:CVE-2021-22320
db:JVNDBid:JVNDB-2021-010255
db:CNNVDid:CNNVD-202103-1280
db:NVDid:CVE-2021-22320

LAST UPDATE DATE

2024-11-23T23:07:38.644000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-22320date:2021-03-26T00:00:00
db:JVNDBid:JVNDB-2021-010255date:2022-06-28T06:51:00
db:CNNVDid:CNNVD-202103-1280date:2021-03-30T00:00:00
db:NVDid:CVE-2021-22320date:2024-11-21T05:49:54.300

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-22320date:2021-03-22T00:00:00
db:JVNDBid:JVNDB-2021-010255date:2022-06-28T00:00:00
db:CNNVDid:CNNVD-202103-1280date:2021-03-22T00:00:00
db:NVDid:CVE-2021-22320date:2021-03-22T19:15:11.897