CVE-2021-22397

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*

History

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-269 CWE-20

11 Aug 2021, 15:17

Type Values Removed Values Added
CWE CWE-269
CPE cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 6.7
References (MISC) https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-pe-en - (MISC) https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-pe-en - Vendor Advisory

02 Aug 2021, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-02 17:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-22397

Mitre link : CVE-2021-22397

CVE.ORG link : CVE-2021-22397


JSON object : View

Products Affected

huawei

  • manageone
CWE
CWE-20

Improper Input Validation