Huawei Ecns280_td_firmware
8 CVEs affecting Huawei Ecns280_td_firmware. Latest disclosed: 2021-12-13. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-22396 | High | 7.8 | 2021-08-02 | There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access… |
CVE-2021-22363 | High | 7.5 | 2021-06-22 | There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650. An attacker needs to perform specific operations to exploit the vulnerabili… |
CVE-2021-40007 | Medium | 6.5 | 2021-12-13 | There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the… |
CVE-2021-39995 | Medium | 6.5 | 2021-11-29 | Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerabi… |
CVE-2021-37036 | Medium | 5.5 | 2021-11-23 | There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific informa… |
CVE-2021-22378 | Medium | 5.3 | 2021-06-22 | There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by ano… |
CVE-2021-22383 | Medium | 4.9 | 2021-06-22 | There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerabil… |
CVE-2021-22300 | Medium | 4.1 | 2021-02-06 | There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file c… |