CVE-2021-22339

EPSS 0.07%
Veröffentlicht 20.05.2021 20:15:07
Zuletzt bearbeitet 21.11.2024 05:49:56
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Manageone Version6.5 Updaterc2.b050

Huawei ≫ Manageone Version6.5.0 Update-

Huawei ≫ Manageone Version6.5.0 Updatespc100.b210

Huawei ≫ Manageone Version6.5.0 Updatespc100.b220

Huawei ≫ Manageone Version6.5.1 Updaterc1.b060

Huawei ≫ Manageone Version6.5.1 Updaterc1.b070

Huawei ≫ Manageone Version6.5.1 Updaterc1.b080

Huawei ≫ Manageone Version6.5.1 Updaterc2.b010

Huawei ≫ Manageone Version6.5.1 Updaterc2.b020

Huawei ≫ Manageone Version6.5.1 Updaterc2.b030

Huawei ≫ Manageone Version6.5.1 Updaterc2.b040

Huawei ≫ Manageone Version6.5.1 Updaterc2.b050

Huawei ≫ Manageone Version6.5.1 Updaterc2.b060

Huawei ≫ Manageone Version6.5.1 Updaterc2.b070

Huawei ≫ Manageone Version6.5.1 Updaterc2.b080

Huawei ≫ Manageone Version6.5.1 Updaterc2.b090

Huawei ≫ Manageone Version6.5.1 Updatespc100.b050

Huawei ≫ Manageone Version6.5.1 Updatespc101.b010

Huawei ≫ Manageone Version6.5.1 Updatespc101.b040

Huawei ≫ Manageone Version6.5.1 Updatespc200

Huawei ≫ Manageone Version6.5.1 Updatespc200.b010

Huawei ≫ Manageone Version6.5.1 Updatespc200.b030

Huawei ≫ Manageone Version6.5.1 Updatespc200.b040

Huawei ≫ Manageone Version6.5.1 Updatespc200.b050

Huawei ≫ Manageone Version6.5.1 Updatespc200.b060

Huawei ≫ Manageone Version6.5.1 Updatespc200.b070

Huawei ≫ Manageone Version6.5.1.1 Updateb010

Huawei ≫ Manageone Version6.5.1.1 Updateb020

Huawei ≫ Manageone Version6.5.1.1 Updateb030

Huawei ≫ Manageone Version6.5.1.1 Updateb040

Huawei ≫ Manageone Version8.0.0 Update-

Huawei ≫ Manageone Version8.0.0 Updatelcnd81

Huawei ≫ Manageone Version8.0.0 Updaterc2

Huawei ≫ Manageone Version8.0.0 Updaterc3

Huawei ≫ Manageone Version8.0.0 Updaterc3.b041

Huawei ≫ Manageone Version8.0.0 Updaterc3.spc100

Huawei ≫ Manageone Version8.0.0 Updatespc100

Huawei ≫ Manageone Version8.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.173

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:N/A:P

CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210428-01-dos-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22339

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22339

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22339

EUVD