Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20210714-01-PE
HistoryJul 14, 2021 - 12:00 a.m.

Security Advisory - Privilege Escalation Vulnerability in Huawei Products

2021-07-1400:00:00
Huawei Technologies
www.huawei.com
39

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

There is a privilege escalation vulnerability in Huawei products. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service. (Vulnerability ID: HWPSIRT-2020-00188)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-22397.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-pe-en&gt;

Affected configurations

Vulners
Node
huaweimanageoneMatch8.0.0
CPENameOperatorVersion
manageoneeq8.0.0

Related

cvelist 1
prion 1
cve 1
cnvd 1
nvd 1
cvelist
cvelist
CVE-2021-22397
2021-08-02 16:24:40
prion
prion
Privilege escalation
2021-08-02 17:15:00
cve
cve
CVE-2021-22397
2021-08-02 17:15:14
cnvd
cnvd
Huawei ManageOne Elevation of Privilege Vulnerability
2021-07-15 00:00:00
nvd
nvd
CVE-2021-22397
2021-08-02 17:15:14

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for HUAWEI-SA-20210714-01-PE
cvelist1prion1cve1cnvd1nvd1