CVE-2021-22293

7.5HIGH

Key Information:

Vendor
Huawei
Status
Campusinsight
Manageone
Vendor
CVE Published:
6 February 2021

Summary

Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1).

Affected Version(s)

CampusInsight V100R019C10

ManageOne 6.5.1.1

ManageOne 6.5.1.SPC100

References

https://www.huawei.com/en/psirt/security-advisories/huawe...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.