CVE-2021-22329
CVE-2021-22329 is a medium-severity vulnerability in Huawei S12700 Firmware with a CVSS 3.x base score of 4.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 3.x base score 4.9)
- CVSS v2: 4.0
- EPSS exploit prediction: 0% (37th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Huawei S12700 Firmware
- Published:
- Last modified:
Description
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
Frequently asked questions
- What is CVE-2021-22329?
- There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
- How severe is CVE-2021-22329?
- CVE-2021-22329 has a CVSS 3.x base score of 4.9, rated medium severity. It is exploitable over network with low attack complexity, requires high privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability none.
- Is CVE-2021-22329 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (37th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2021-22329?
- CVE-2021-22329 primarily affects Huawei S12700 Firmware. In total, 40 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2021-22329?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2021-22329 published?
- CVE-2021-22329 was published on 2021-06-29 and last updated on 2026-06-17.
References
Affected products (40)
- cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*
More vulnerabilities in Huawei S12700 Firmware
- CVE-2016-4087 — High (CVSS 8.1): Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010,…
- CVE-2021-37129 — High (CVSS 7.5): There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a…
- CVE-2021-22357 — High (CVSS 7.5): There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to…
- CVE-2019-19397 — High (CVSS 7.5): There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default.…
- CVE-2019-5285 — High (CVSS 7.5): Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to…
- CVE-2016-8786 — High (CVSS 7.5): Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700…