PT-2021-15007 · Huawei · Ecns280 Td+1
Published
2021-06-02
·
Updated
2021-06-29
·
CVE-2021-22378
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
eCNS280 TD versions V100R005C00 through V100R005C10
Description:
A race condition issue exists due to a timing window that allows the database to be operated by another thread concurrently. This can cause the affected device to become abnormal.
Recommendations:
For eCNS280 TD versions V100R005C00 through V100R005C10, consider implementing thread synchronization mechanisms to prevent concurrent database operations until a patch is available.
As a temporary workaround, restrict access to the database to minimize the risk of exploitation.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Vrp
Ecns280 Td