Denial of Service Vulnerability in ManageOne by Huawei
CVE-2021-22339

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Manageone
Vendor: CVE Published:; 20 May 2021

What is CVE-2021-22339?

A vulnerability exists in certain versions of ManageOne by Huawei that allows an attacker to create specific parameters leading to service disruptions. This denial of service condition arises from inadequate validation mechanisms, which can result in abnormal behavior of affected services, and ultimately jeopardize system performance and availability. It is crucial for users to ensure their systems are updated to mitigate this risk.

Affected Version(s)

ManageOne 6.5.0,6.5.0.SPC100.B210,6.5.0.SPC100.B220,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC1.B080,6.5.1RC2.B010,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2021
Vulnerability Reserved
Jan 5, 2021