CVE-2021-22361

Summary

There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service.

Affected Software

VendorProductVersion RangeStatus
n/aeCNS280;eSE620X vESSV100R005C00,V100R005C10affected
n/aeCNS280;eSE620X vESSV100R001C10SPC200,V100R001C20SPC200affected

Weaknesses

  • Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References