Race Condition Vulnerability in Huawei ManageOne and SMC Products
CVE-2021-22340
Summary
A race condition vulnerability has been identified in Huawei's ManageOne and SMC products, allowing a potential attacker with root permissions to exploit the issue through concurrent I/O reads by multiple threads. The exploitation can lead to system crashes, significantly impacting the availability of affected systems. This vulnerability is particularly prevalent in specific versions of ManageOne and SMC, highlighting the importance of timely updates and security patches to mitigate the risks associated with such exploitations.
Affected Version(s)
ManageOne;SMC2.0 6.5.1.SPC200,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.SPC100
ManageOne;SMC2.0 V600R019C10SPC700,V600R019C10SPC702,V600R019C10SPC703,V600R019C10SPC800,V600R019C10SPC900,V600R019C10SPC910,V600R019C10SPC920,V600R019C10SPC921,V600R019C10SPC922,V600R019C10SPC930,V600R019C10SPC931
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved