All the vulnerabilites related to huawei - network_functions_virtualization_fusionsphere
Vulnerability from fkie_nvd
Published
2021-02-06 02:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:imaster_mae-m:v100r020c10spc220:*:*:*:*:*:*:*",
"matchCriteriaId": "3F67A4BC-9424-458A-A24B-2AFF301329C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F14B3716-7A94-42C5-AE2C-9F64C15A43EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.0:rc2.b050:*:*:*:*:*:*",
"matchCriteriaId": "E514234B-1DB4-4170-BC73-510058ED5788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.0:spc100.b210:*:*:*:*:*:*",
"matchCriteriaId": "1F587216-1355-4DD6-83E2-27CCE4ACC2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CAE8F0E3-8BCA-4059-9BE1-A7BDFD18531A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*",
"matchCriteriaId": "24872541-A493-48BD-AA2C-7A976FF75F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*",
"matchCriteriaId": "61EC963F-1160-43D4-B4E4-2CC2B209B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*",
"matchCriteriaId": "2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*",
"matchCriteriaId": "AD086E38-D1F5-4160-A7A2-12E681F686CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*",
"matchCriteriaId": "035E4DF1-4B17-448B-8A78-CD81F68D38CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*",
"matchCriteriaId": "DDDB5BDF-9760-4EE6-947D-A633B9CC0D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*",
"matchCriteriaId": "31787857-76F6-4E80-82B7-56B1C12B6628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b080:*:*:*:*:*:*",
"matchCriteriaId": "3495FF32-2906-4064-A636-64EB3A06421D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*",
"matchCriteriaId": "73901E08-8C24-46FB-A42D-6457630AA6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc100.b050:*:*:*:*:*:*",
"matchCriteriaId": "A472E9AA-784F-4AE2-B1D8-6C77EA1664B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc101.b010:*:*:*:*:*:*",
"matchCriteriaId": "F7CC07B4-FBF6-4AC9-8C54-B7845A068BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc101.b040:*:*:*:*:*:*",
"matchCriteriaId": "36904A81-9DCD-4E65-ADC1-A5A96FA0D939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200:*:*:*:*:*:*",
"matchCriteriaId": "481FA740-3E71-443D-99DF-89CA198951A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b010:*:*:*:*:*:*",
"matchCriteriaId": "37636652-DC9E-4310-AB33-1C67B85A7BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b030:*:*:*:*:*:*",
"matchCriteriaId": "C462984C-407A-4D52-BEDD-7E300482E2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b040:*:*:*:*:*:*",
"matchCriteriaId": "154A70F1-C15A-41B1-97B8-89550595BF44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b050:*:*:*:*:*:*",
"matchCriteriaId": "B58D9F18-F7B5-4514-978D-EC419614F521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b060:*:*:*:*:*:*",
"matchCriteriaId": "BD51B07E-213B-4D32-A121-E2FD124EA1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:spc200.b070:*:*:*:*:*:*",
"matchCriteriaId": "7926B343-242E-414B-B573-84DB16A2FCBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*",
"matchCriteriaId": "463A4059-55EF-4862-B8AD-90DCAC0CC871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*",
"matchCriteriaId": "4042FC49-4FC7-46B4-8D14-ECACF22A9860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*",
"matchCriteriaId": "A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*",
"matchCriteriaId": "535597A4-29C8-44A8-9008-4F4E10030531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*",
"matchCriteriaId": "E9090F1E-EF60-4E54-9885-7F6B1681DE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "51E51969-9D4D-4A58-BEBD-19F4BD64BC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3.b041:*:*:*:*:*:*",
"matchCriteriaId": "1B552573-DB7A-4454-A832-AE1811A9577C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3.spc100:*:*:*:*:*:*",
"matchCriteriaId": "5D17BA55-6032-4BC4-BEB3-4FB27BA81777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*",
"matchCriteriaId": "7EDE7C94-7E89-45E6-8A79-32E53D9139DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47A8E919-FAC0-4011-927F-599AA7688A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc12:*:*:*:*:*:*",
"matchCriteriaId": "BD187FC7-B1BE-4BF1-BB6E-AA05CEFE4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc23:*:*:*:*:*:*",
"matchCriteriaId": "1FBB7636-4E6E-4621-9F42-9CDC8EB472F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C2DC0656-EE97-43AF-9499-7ED8E31D6458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C32980F5-E091-4B2F-A8D3-F30367C8B9C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDBEFFB4-9742-48CC-BBA6-E5DCA281B343",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de privilegios local en algunos productos Huawei. Un atacante autentificado local podr\u00eda dise\u00f1ar comandos espec\u00edficos para explotar esta vulnerabilidad. Una explotaci\u00f3n con \u00e9xito puede hacer que un atacante obtenga un mayor privilegio. Las versiones de producto afectadas incluyen: ManageOne versiones 6.5.0, 6.5.0.SPC100.B210, 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1 .SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B060, 6.5.1RC2.B020, 6.5.1RC2.B030, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090, 6.5.RC2.B050, 8.0.0, 8.0.0-LCND81, 8.0.0.SPC100, 8.0.1, 8.0.RC2, 8.0.RC3, 8.0.RC3.B041, 8.0.RC3.SPC100;\u0026#xa0;NFV_FusionSphere versiones 6.5.1.SPC23, 8.0.0.SPC12; SMC2.0 versiones V600R019C00,\u0026#xa0;V600R019C10;\u0026#xa0;iMaster MAE-M versiones MAE-TOOL (FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220"
}
],
"id": "CVE-2021-22299",
"lastModified": "2024-11-21T05:49:52.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-06T02:15:12.680",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-22299
Vulnerability from cvelistv5
Published
2021-02-06 01:53
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | ManageOne |
Version: 6.5.0 Version: 6.5.0.SPC100.B210 Version: 6.5.1.1.B010 Version: 6.5.1.1.B020 Version: 6.5.1.1.B030 Version: 6.5.1.1.B040 Version: 6.5.1.SPC100.B050 Version: 6.5.1.SPC101.B010 Version: 6.5.1.SPC101.B040 Version: 6.5.1.SPC200 Version: 6.5.1.SPC200.B010 Version: 6.5.1.SPC200.B030 Version: 6.5.1.SPC200.B040 Version: 6.5.1.SPC200.B050 Version: 6.5.1.SPC200.B060 Version: 6.5.1.SPC200.B070 Version: 6.5.1RC1.B060 Version: 6.5.1RC2.B020 Version: 6.5.1RC2.B030 Version: 6.5.1RC2.B040 Version: 6.5.1RC2.B050 Version: 6.5.1RC2.B060 Version: 6.5.1RC2.B070 Version: 6.5.1RC2.B080 Version: 6.5.1RC2.B090 Version: 6.5.RC2.B050 Version: 8.0.0 Version: 8.0.0-LCND81 Version: 8.0.0.SPC100 Version: 8.0.1 Version: 8.0.RC2 Version: 8.0.RC3 Version: 8.0.RC3.B041 Version: 8.0.RC3.SPC100 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ManageOne",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.5.0"
},
{
"status": "affected",
"version": "6.5.0.SPC100.B210"
},
{
"status": "affected",
"version": "6.5.1.1.B010"
},
{
"status": "affected",
"version": "6.5.1.1.B020"
},
{
"status": "affected",
"version": "6.5.1.1.B030"
},
{
"status": "affected",
"version": "6.5.1.1.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC100.B050"
},
{
"status": "affected",
"version": "6.5.1.SPC101.B010"
},
{
"status": "affected",
"version": "6.5.1.SPC101.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC200"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B010"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B030"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B050"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B060"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B070"
},
{
"status": "affected",
"version": "6.5.1RC1.B060"
},
{
"status": "affected",
"version": "6.5.1RC2.B020"
},
{
"status": "affected",
"version": "6.5.1RC2.B030"
},
{
"status": "affected",
"version": "6.5.1RC2.B040"
},
{
"status": "affected",
"version": "6.5.1RC2.B050"
},
{
"status": "affected",
"version": "6.5.1RC2.B060"
},
{
"status": "affected",
"version": "6.5.1RC2.B070"
},
{
"status": "affected",
"version": "6.5.1RC2.B080"
},
{
"status": "affected",
"version": "6.5.1RC2.B090"
},
{
"status": "affected",
"version": "6.5.RC2.B050"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0-LCND81"
},
{
"status": "affected",
"version": "8.0.0.SPC100"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.RC2"
},
{
"status": "affected",
"version": "8.0.RC3"
},
{
"status": "affected",
"version": "8.0.RC3.B041"
},
{
"status": "affected",
"version": "8.0.RC3.SPC100"
}
]
},
{
"product": "NFV_FusionSphere",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.5.1.SPC23"
},
{
"status": "affected",
"version": "8.0.0.SPC12"
}
]
},
{
"product": "SMC2.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V600R019C00"
},
{
"status": "affected",
"version": "V600R019C10"
}
]
},
{
"product": "iMaster MAE-M",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-06T01:53:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ManageOne",
"version": {
"version_data": [
{
"version_value": "6.5.0"
},
{
"version_value": "6.5.0.SPC100.B210"
},
{
"version_value": "6.5.1.1.B010"
},
{
"version_value": "6.5.1.1.B020"
},
{
"version_value": "6.5.1.1.B030"
},
{
"version_value": "6.5.1.1.B040"
},
{
"version_value": "6.5.1.SPC100.B050"
},
{
"version_value": "6.5.1.SPC101.B010"
},
{
"version_value": "6.5.1.SPC101.B040"
},
{
"version_value": "6.5.1.SPC200"
},
{
"version_value": "6.5.1.SPC200.B010"
},
{
"version_value": "6.5.1.SPC200.B030"
},
{
"version_value": "6.5.1.SPC200.B040"
},
{
"version_value": "6.5.1.SPC200.B050"
},
{
"version_value": "6.5.1.SPC200.B060"
},
{
"version_value": "6.5.1.SPC200.B070"
},
{
"version_value": "6.5.1RC1.B060"
},
{
"version_value": "6.5.1RC2.B020"
},
{
"version_value": "6.5.1RC2.B030"
},
{
"version_value": "6.5.1RC2.B040"
},
{
"version_value": "6.5.1RC2.B050"
},
{
"version_value": "6.5.1RC2.B060"
},
{
"version_value": "6.5.1RC2.B070"
},
{
"version_value": "6.5.1RC2.B080"
},
{
"version_value": "6.5.1RC2.B090"
},
{
"version_value": "6.5.RC2.B050"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0-LCND81"
},
{
"version_value": "8.0.0.SPC100"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.RC2"
},
{
"version_value": "8.0.RC3"
},
{
"version_value": "8.0.RC3.B041"
},
{
"version_value": "8.0.RC3.SPC100"
}
]
}
},
{
"product_name": "NFV_FusionSphere",
"version": {
"version_data": [
{
"version_value": "6.5.1.SPC23"
},
{
"version_value": "8.0.0.SPC12"
}
]
}
},
{
"product_name": "SMC2.0",
"version": {
"version_data": [
{
"version_value": "V600R019C00"
},
{
"version_value": "V600R019C10"
}
]
}
},
{
"product_name": "iMaster MAE-M",
"version": {
"version_data": [
{
"version_value": "MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22299",
"datePublished": "2021-02-06T01:53:36",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}