Improper Permission Assignment in Huawei ManageOne
CVE-2021-22311
7.2HIGH
Summary
An improper permission assignment vulnerability exists in Huawei ManageOne due to inadequate security hardening. This flaw allows processes to execute with elevated privileges, potentially enabling certain users to perform operations without the necessary permissions. Affected users and organizations should apply relevant security patches to mitigate this risk, particularly for versions 8.0.0 and 8.0.1, as detailed in the Huawei security advisory.
Affected Version(s)
ManageOne 8.0.0,8.0.1
References
CVSS V3.1
Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved