CVE-2021-22314

7.8HIGH

Key Information:

Vendor: Huawei
Status: Manageone
Vendor: CVE Published:; 22 March 2021

Summary

There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.

Affected Version(s)

ManageOne 6.5.1.1.B010,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 22, 2021
Vulnerability Reserved
Jan 5, 2021