6.5
CVE-2021-22339
- EPSS 0.07%
- Published 20.05.2021 20:15:07
- Last modified 21.11.2024 05:49:56
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal.
Data is provided by the National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.173 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:N/A:P
|
CWE-345 Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.