CVE-2021-22299
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.
Se presenta una vulnerabilidad de escalada de privilegios local en algunos productos Huawei. Un atacante autentificado local podría diseñar comandos específicos para explotar esta vulnerabilidad. Una explotación con éxito puede hacer que un atacante obtenga un mayor privilegio. Las versiones de producto afectadas incluyen: ManageOne versiones 6.5.0, 6.5.0.SPC100.B210, 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1 .SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B060, 6.5.1RC2.B020, 6.5.1RC2.B030, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090, 6.5.RC2.B050, 8.0.0, 8.0.0-LCND81, 8.0.0.SPC100, 8.0.1, 8.0.RC2, 8.0.RC3, 8.0.RC3.B041, 8.0.RC3.SPC100; NFV_FusionSphere versiones 6.5.1.SPC23, 8.0.0.SPC12; SMC2.0 versiones V600R019C00, V600R019C10; iMaster MAE-M versiones MAE-TOOL (FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-05 CVE Reserved
- 2021-02-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Smc2.0 Firmware Search vendor "Huawei" for product "Smc2.0 Firmware" | v600r019c00 Search vendor "Huawei" for product "Smc2.0 Firmware" and version "v600r019c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Smc2.0 Search vendor "Huawei" for product "Smc2.0" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Smc2.0 Firmware Search vendor "Huawei" for product "Smc2.0 Firmware" | v600r019c10 Search vendor "Huawei" for product "Smc2.0 Firmware" and version "v600r019c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Smc2.0 Search vendor "Huawei" for product "Smc2.0" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Imaster Mae-m Search vendor "Huawei" for product "Imaster Mae-m" | v100r020c10spc220 Search vendor "Huawei" for product "Imaster Mae-m" and version "v100r020c10spc220" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.0 Search vendor "Huawei" for product "Manageone" and version "6.5.0" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.0 Search vendor "Huawei" for product "Manageone" and version "6.5.0" | rc2.b050 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.0 Search vendor "Huawei" for product "Manageone" and version "6.5.0" | spc100.b210 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc1.b060 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b020 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b030 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b040 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b050 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b060 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b070 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b080 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | rc2.b090 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc100.b050 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc101.b010 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc101.b040 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b010 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b030 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b040 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b050 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b060 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1" | spc200.b070 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1.1" | b010 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1.1" | b020 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1.1" | b030 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5.1.1 Search vendor "Huawei" for product "Manageone" and version "6.5.1.1" | b040 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | lcnd81 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | rc2 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | rc3 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | rc3.b041 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | rc3.spc100 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.0 Search vendor "Huawei" for product "Manageone" and version "8.0.0" | spc100 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 8.0.1 Search vendor "Huawei" for product "Manageone" and version "8.0.1" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Network Functions Virtualization Fusionsphere Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" | 6.5.1 Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" and version "6.5.1" | spc12 |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Network Functions Virtualization Fusionsphere Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" | 6.5.1 Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" and version "6.5.1" | spc23 |
Affected
| ||||||