// For flags

CVE-2021-22299

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.

Se presenta una vulnerabilidad de escalada de privilegios local en algunos productos Huawei. Un atacante autentificado local podría diseñar comandos específicos para explotar esta vulnerabilidad. Una explotación con éxito puede hacer que un atacante obtenga un mayor privilegio. Las versiones de producto afectadas incluyen: ManageOne versiones 6.5.0, 6.5.0.SPC100.B210, 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1 .SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B060, 6.5.1RC2.B020, 6.5.1RC2.B030, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090, 6.5.RC2.B050, 8.0.0, 8.0.0-LCND81, 8.0.0.SPC100, 8.0.1, 8.0.RC2, 8.0.RC3, 8.0.RC3.B041, 8.0.RC3.SPC100; NFV_FusionSphere versiones 6.5.1.SPC23, 8.0.0.SPC12; SMC2.0 versiones V600R019C00, V600R019C10; iMaster MAE-M versiones MAE-TOOL (FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-05 CVE Reserved
  • 2021-02-06 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
Smc2.0 Firmware
Search vendor "Huawei" for product "Smc2.0 Firmware"
v600r019c00
Search vendor "Huawei" for product "Smc2.0 Firmware" and version "v600r019c00"
-
Affected
in Huawei
Search vendor "Huawei"
Smc2.0
Search vendor "Huawei" for product "Smc2.0"
--
Safe
Huawei
Search vendor "Huawei"
Smc2.0 Firmware
Search vendor "Huawei" for product "Smc2.0 Firmware"
v600r019c10
Search vendor "Huawei" for product "Smc2.0 Firmware" and version "v600r019c10"
-
Affected
in Huawei
Search vendor "Huawei"
Smc2.0
Search vendor "Huawei" for product "Smc2.0"
--
Safe
Huawei
Search vendor "Huawei"
Imaster Mae-m
Search vendor "Huawei" for product "Imaster Mae-m"
v100r020c10spc220
Search vendor "Huawei" for product "Imaster Mae-m" and version "v100r020c10spc220"
-
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.0
Search vendor "Huawei" for product "Manageone" and version "6.5.0"
-
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.0
Search vendor "Huawei" for product "Manageone" and version "6.5.0"
rc2.b050
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.0
Search vendor "Huawei" for product "Manageone" and version "6.5.0"
spc100.b210
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
-
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc1.b060
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b020
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b030
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b040
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b050
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b060
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b070
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b080
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
rc2.b090
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc100.b050
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc101.b010
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc101.b040
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b010
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b030
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b040
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b050
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b060
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1"
spc200.b070
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1.1"
b010
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1.1"
b020
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1.1"
b030
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
6.5.1.1
Search vendor "Huawei" for product "Manageone" and version "6.5.1.1"
b040
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
-
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
lcnd81
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
rc2
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
rc3
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
rc3.b041
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
rc3.spc100
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.0
Search vendor "Huawei" for product "Manageone" and version "8.0.0"
spc100
Affected
Huawei
Search vendor "Huawei"
Manageone
Search vendor "Huawei" for product "Manageone"
8.0.1
Search vendor "Huawei" for product "Manageone" and version "8.0.1"
-
Affected
Huawei
Search vendor "Huawei"
Network Functions Virtualization Fusionsphere
Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere"
6.5.1
Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" and version "6.5.1"
spc12
Affected
Huawei
Search vendor "Huawei"
Network Functions Virtualization Fusionsphere
Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere"
6.5.1
Search vendor "Huawei" for product "Network Functions Virtualization Fusionsphere" and version "6.5.1"
spc23
Affected