Lucene search

Huawei TechnologiesHUAWEI-SA-20220819-01-7E0A6103

HistoryAug 19, 2022 - 12:00 a.m.

Security Advisory - Permission Bypass Vulnerability in Huawei Products

2022-08-1900:00:00

Huawei Technologies

www.huawei.com

security advisory

huawei

vulnerability_id

cve-2021-46834

software updates

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. (Vulnerability ID: HWPSIRT-2021-96118)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-46834.

For products that have released software updates to fix this vulnerability, Huawei will release and update the Security Advisory at:

<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220819-01-7e0a6103-en>

Affected configurations

Vulners

Node

huaweijad-al50Match102.0.0.225

CPENameOperatorVersion
jad-al50eq102.0.0.225

CPE	Name	Operator	Version
	jad-al50	eq	102.0.0.225

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for HUAWEI-SA-20220819-01-7E0A6103