CVE-2021-22299

EPSS 0.02%
Veröffentlicht 06.02.2021 02:15:12
Zuletzt bearbeitet 21.11.2024 05:49:52
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Imaster Mae-m Versionv100r020c10spc220

Huawei ≫ Manageone Version6.5.0 Update-

Huawei ≫ Manageone Version6.5.0 Updaterc2.b050

Huawei ≫ Manageone Version6.5.0 Updatespc100.b210

Huawei ≫ Manageone Version6.5.1 Update-

Huawei ≫ Manageone Version6.5.1 Updaterc1.b060

Huawei ≫ Manageone Version6.5.1 Updaterc2.b020

Huawei ≫ Manageone Version6.5.1 Updaterc2.b030

Huawei ≫ Manageone Version6.5.1 Updaterc2.b040

Huawei ≫ Manageone Version6.5.1 Updaterc2.b050

Huawei ≫ Manageone Version6.5.1 Updaterc2.b060

Huawei ≫ Manageone Version6.5.1 Updaterc2.b070

Huawei ≫ Manageone Version6.5.1 Updaterc2.b080

Huawei ≫ Manageone Version6.5.1 Updaterc2.b090

Huawei ≫ Manageone Version6.5.1 Updatespc100.b050

Huawei ≫ Manageone Version6.5.1 Updatespc101.b010

Huawei ≫ Manageone Version6.5.1 Updatespc101.b040

Huawei ≫ Manageone Version6.5.1 Updatespc200

Huawei ≫ Manageone Version6.5.1 Updatespc200.b010

Huawei ≫ Manageone Version6.5.1 Updatespc200.b030

Huawei ≫ Manageone Version6.5.1 Updatespc200.b040

Huawei ≫ Manageone Version6.5.1 Updatespc200.b050

Huawei ≫ Manageone Version6.5.1 Updatespc200.b060

Huawei ≫ Manageone Version6.5.1 Updatespc200.b070

Huawei ≫ Manageone Version6.5.1.1 Updateb010

Huawei ≫ Manageone Version6.5.1.1 Updateb020

Huawei ≫ Manageone Version6.5.1.1 Updateb030

Huawei ≫ Manageone Version6.5.1.1 Updateb040

Huawei ≫ Manageone Version8.0.0 Update-

Huawei ≫ Manageone Version8.0.0 Updatelcnd81

Huawei ≫ Manageone Version8.0.0 Updaterc2

Huawei ≫ Manageone Version8.0.0 Updaterc3

Huawei ≫ Manageone Version8.0.0 Updaterc3.b041

Huawei ≫ Manageone Version8.0.0 Updaterc3.spc100

Huawei ≫ Manageone Version8.0.0 Updatespc100

Huawei ≫ Manageone Version8.0.1

Huawei ≫ Network Functions Virtualization Fusionsphere Version6.5.1 Updatespc12

Huawei ≫ Network Functions Virtualization Fusionsphere Version6.5.1 Updatespc23

Huawei ≫ Smc2.0 Firmware Versionv600r019c00

Huawei ≫ Smc2.0 Version-

Huawei ≫ Smc2.0 Firmware Versionv600r019c10

Huawei ≫ Smc2.0 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.037

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22299

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22299

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22299

EUVD