Local Privilege Escalation Vulnerability in Huawei ManageOne
CVE-2021-22314

7.8HIGH

Key Information:

Vendor: Huawei
Status: Manageone
Vendor: CVE Published:; 22 March 2021

Summary

A local privilege escalation vulnerability exists in some versions of Huawei ManageOne, allowing a local authenticated attacker to perform specific actions that can lead to the acquisition of higher privileges. Successful exploitation of this vulnerability could enable the attacker to compromise the service, manipulating its operations and potentially exposing sensitive information.

Affected Version(s)

ManageOne 6.5.1.1.B010,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 22, 2021
Vulnerability Reserved
Jan 5, 2021