Lucene search

K
cve[email protected]CVE-2021-22339
HistoryMay 20, 2021 - 8:15 p.m.

CVE-2021-22339

2021-05-2020:15:07
CWE-345
web.nvd.nist.gov
39
2
cve
2021
22339
denial of service
vulnerability
manageone
parameter verification
exploit
nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.0%

There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal.

Affected configurations

NVD
Node
huaweimanageoneMatch6.5rc2.b050
OR
huaweimanageoneMatch6.5.0-
OR
huaweimanageoneMatch6.5.0spc100.b210
OR
huaweimanageoneMatch6.5.0spc100.b220
OR
huaweimanageoneMatch6.5.1rc1.b060
OR
huaweimanageoneMatch6.5.1rc1.b070
OR
huaweimanageoneMatch6.5.1rc1.b080
OR
huaweimanageoneMatch6.5.1rc2.b010
OR
huaweimanageoneMatch6.5.1rc2.b020
OR
huaweimanageoneMatch6.5.1rc2.b030
OR
huaweimanageoneMatch6.5.1rc2.b040
OR
huaweimanageoneMatch6.5.1rc2.b050
OR
huaweimanageoneMatch6.5.1rc2.b060
OR
huaweimanageoneMatch6.5.1rc2.b070
OR
huaweimanageoneMatch6.5.1rc2.b080
OR
huaweimanageoneMatch6.5.1rc2.b090
OR
huaweimanageoneMatch6.5.1spc100.b050
OR
huaweimanageoneMatch6.5.1spc101.b010
OR
huaweimanageoneMatch6.5.1spc101.b040
OR
huaweimanageoneMatch6.5.1spc200
OR
huaweimanageoneMatch6.5.1spc200.b010
OR
huaweimanageoneMatch6.5.1spc200.b030
OR
huaweimanageoneMatch6.5.1spc200.b040
OR
huaweimanageoneMatch6.5.1spc200.b050
OR
huaweimanageoneMatch6.5.1spc200.b060
OR
huaweimanageoneMatch6.5.1spc200.b070
OR
huaweimanageoneMatch6.5.1.1b010
OR
huaweimanageoneMatch6.5.1.1b020
OR
huaweimanageoneMatch6.5.1.1b030
OR
huaweimanageoneMatch6.5.1.1b040
OR
huaweimanageoneMatch8.0.0-
OR
huaweimanageoneMatch8.0.0lcnd81
OR
huaweimanageoneMatch8.0.0rc2
OR
huaweimanageoneMatch8.0.0rc3
OR
huaweimanageoneMatch8.0.0rc3.b041
OR
huaweimanageoneMatch8.0.0rc3.spc100
OR
huaweimanageoneMatch8.0.0spc100
OR
huaweimanageoneMatch8.0.1

CNA Affected

[
  {
    "product": "ManageOne",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.0,6.5.0.SPC100.B210,6.5.0.SPC100.B220,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC1.B080,6.5.1RC2.B010,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100"
      }
    ]
  }
]

Social References

More

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.0%

Related for CVE-2021-22339