cve-2021-22299
Vulnerability from cvelistv5
Published
2021-02-06 01:53
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.
References
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | ManageOne |
Version: 6.5.0 Version: 6.5.0.SPC100.B210 Version: 6.5.1.1.B010 Version: 6.5.1.1.B020 Version: 6.5.1.1.B030 Version: 6.5.1.1.B040 Version: 6.5.1.SPC100.B050 Version: 6.5.1.SPC101.B010 Version: 6.5.1.SPC101.B040 Version: 6.5.1.SPC200 Version: 6.5.1.SPC200.B010 Version: 6.5.1.SPC200.B030 Version: 6.5.1.SPC200.B040 Version: 6.5.1.SPC200.B050 Version: 6.5.1.SPC200.B060 Version: 6.5.1.SPC200.B070 Version: 6.5.1RC1.B060 Version: 6.5.1RC2.B020 Version: 6.5.1RC2.B030 Version: 6.5.1RC2.B040 Version: 6.5.1RC2.B050 Version: 6.5.1RC2.B060 Version: 6.5.1RC2.B070 Version: 6.5.1RC2.B080 Version: 6.5.1RC2.B090 Version: 6.5.RC2.B050 Version: 8.0.0 Version: 8.0.0-LCND81 Version: 8.0.0.SPC100 Version: 8.0.1 Version: 8.0.RC2 Version: 8.0.RC3 Version: 8.0.RC3.B041 Version: 8.0.RC3.SPC100 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ManageOne",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.5.0"
},
{
"status": "affected",
"version": "6.5.0.SPC100.B210"
},
{
"status": "affected",
"version": "6.5.1.1.B010"
},
{
"status": "affected",
"version": "6.5.1.1.B020"
},
{
"status": "affected",
"version": "6.5.1.1.B030"
},
{
"status": "affected",
"version": "6.5.1.1.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC100.B050"
},
{
"status": "affected",
"version": "6.5.1.SPC101.B010"
},
{
"status": "affected",
"version": "6.5.1.SPC101.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC200"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B010"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B030"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B040"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B050"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B060"
},
{
"status": "affected",
"version": "6.5.1.SPC200.B070"
},
{
"status": "affected",
"version": "6.5.1RC1.B060"
},
{
"status": "affected",
"version": "6.5.1RC2.B020"
},
{
"status": "affected",
"version": "6.5.1RC2.B030"
},
{
"status": "affected",
"version": "6.5.1RC2.B040"
},
{
"status": "affected",
"version": "6.5.1RC2.B050"
},
{
"status": "affected",
"version": "6.5.1RC2.B060"
},
{
"status": "affected",
"version": "6.5.1RC2.B070"
},
{
"status": "affected",
"version": "6.5.1RC2.B080"
},
{
"status": "affected",
"version": "6.5.1RC2.B090"
},
{
"status": "affected",
"version": "6.5.RC2.B050"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0-LCND81"
},
{
"status": "affected",
"version": "8.0.0.SPC100"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.RC2"
},
{
"status": "affected",
"version": "8.0.RC3"
},
{
"status": "affected",
"version": "8.0.RC3.B041"
},
{
"status": "affected",
"version": "8.0.RC3.SPC100"
}
]
},
{
"product": "NFV_FusionSphere",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.5.1.SPC23"
},
{
"status": "affected",
"version": "8.0.0.SPC12"
}
]
},
{
"product": "SMC2.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V600R019C00"
},
{
"status": "affected",
"version": "V600R019C10"
}
]
},
{
"product": "iMaster MAE-M",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-06T01:53:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ManageOne",
"version": {
"version_data": [
{
"version_value": "6.5.0"
},
{
"version_value": "6.5.0.SPC100.B210"
},
{
"version_value": "6.5.1.1.B010"
},
{
"version_value": "6.5.1.1.B020"
},
{
"version_value": "6.5.1.1.B030"
},
{
"version_value": "6.5.1.1.B040"
},
{
"version_value": "6.5.1.SPC100.B050"
},
{
"version_value": "6.5.1.SPC101.B010"
},
{
"version_value": "6.5.1.SPC101.B040"
},
{
"version_value": "6.5.1.SPC200"
},
{
"version_value": "6.5.1.SPC200.B010"
},
{
"version_value": "6.5.1.SPC200.B030"
},
{
"version_value": "6.5.1.SPC200.B040"
},
{
"version_value": "6.5.1.SPC200.B050"
},
{
"version_value": "6.5.1.SPC200.B060"
},
{
"version_value": "6.5.1.SPC200.B070"
},
{
"version_value": "6.5.1RC1.B060"
},
{
"version_value": "6.5.1RC2.B020"
},
{
"version_value": "6.5.1RC2.B030"
},
{
"version_value": "6.5.1RC2.B040"
},
{
"version_value": "6.5.1RC2.B050"
},
{
"version_value": "6.5.1RC2.B060"
},
{
"version_value": "6.5.1RC2.B070"
},
{
"version_value": "6.5.1RC2.B080"
},
{
"version_value": "6.5.1RC2.B090"
},
{
"version_value": "6.5.RC2.B050"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0-LCND81"
},
{
"version_value": "8.0.0.SPC100"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.RC2"
},
{
"version_value": "8.0.RC3"
},
{
"version_value": "8.0.RC3.B041"
},
{
"version_value": "8.0.RC3.SPC100"
}
]
}
},
{
"product_name": "NFV_FusionSphere",
"version": {
"version_data": [
{
"version_value": "6.5.1.SPC23"
},
{
"version_value": "8.0.0.SPC12"
}
]
}
},
{
"product_name": "SMC2.0",
"version": {
"version_data": [
{
"version_value": "V600R019C00"
},
{
"version_value": "V600R019C10"
}
]
}
},
{
"product_name": "iMaster MAE-M",
"version": {
"version_data": [
{
"version_value": "MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22299",
"datePublished": "2021-02-06T01:53:36",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:imaster_mae-m:v100r020c10spc220:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F67A4BC-9424-458A-A24B-2AFF301329C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"F14B3716-7A94-42C5-AE2C-9F64C15A43EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.0:rc2.b050:*:*:*:*:*:*\", \"matchCriteriaId\": \"E514234B-1DB4-4170-BC73-510058ED5788\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.0:spc100.b210:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F587216-1355-4DD6-83E2-27CCE4ACC2E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAE8F0E3-8BCA-4059-9BE1-A7BDFD18531A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*\", \"matchCriteriaId\": \"24872541-A493-48BD-AA2C-7A976FF75F9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*\", \"matchCriteriaId\": \"61EC963F-1160-43D4-B4E4-2CC2B209B4DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD086E38-D1F5-4160-A7A2-12E681F686CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*\", \"matchCriteriaId\": \"035E4DF1-4B17-448B-8A78-CD81F68D38CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDDB5BDF-9760-4EE6-947D-A633B9CC0D36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*\", \"matchCriteriaId\": \"31787857-76F6-4E80-82B7-56B1C12B6628\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b080:*:*:*:*:*:*\", \"matchCriteriaId\": \"3495FF32-2906-4064-A636-64EB3A06421D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*\", \"matchCriteriaId\": \"73901E08-8C24-46FB-A42D-6457630AA6DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc100.b050:*:*:*:*:*:*\", \"matchCriteriaId\": \"A472E9AA-784F-4AE2-B1D8-6C77EA1664B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc101.b010:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7CC07B4-FBF6-4AC9-8C54-B7845A068BBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc101.b040:*:*:*:*:*:*\", \"matchCriteriaId\": \"36904A81-9DCD-4E65-ADC1-A5A96FA0D939\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200:*:*:*:*:*:*\", \"matchCriteriaId\": \"481FA740-3E71-443D-99DF-89CA198951A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b010:*:*:*:*:*:*\", \"matchCriteriaId\": \"37636652-DC9E-4310-AB33-1C67B85A7BF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b030:*:*:*:*:*:*\", \"matchCriteriaId\": \"C462984C-407A-4D52-BEDD-7E300482E2AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b040:*:*:*:*:*:*\", \"matchCriteriaId\": \"154A70F1-C15A-41B1-97B8-89550595BF44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b050:*:*:*:*:*:*\", \"matchCriteriaId\": \"B58D9F18-F7B5-4514-978D-EC419614F521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b060:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD51B07E-213B-4D32-A121-E2FD124EA1A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b070:*:*:*:*:*:*\", \"matchCriteriaId\": \"7926B343-242E-414B-B573-84DB16A2FCBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*\", \"matchCriteriaId\": \"463A4059-55EF-4862-B8AD-90DCAC0CC871\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*\", \"matchCriteriaId\": \"4042FC49-4FC7-46B4-8D14-ECACF22A9860\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*\", \"matchCriteriaId\": \"535597A4-29C8-44A8-9008-4F4E10030531\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9090F1E-EF60-4E54-9885-7F6B1681DE9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"51E51969-9D4D-4A58-BEBD-19F4BD64BC7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:rc3.b041:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B552573-DB7A-4454-A832-AE1811A9577C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:rc3.spc100:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D17BA55-6032-4BC4-BEB3-4FB27BA81777\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EDE7C94-7E89-45E6-8A79-32E53D9139DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47A8E919-FAC0-4011-927F-599AA7688A32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc12:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD187FC7-B1BE-4BF1-BB6E-AA05CEFE4910\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc23:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FBB7636-4E6E-4621-9F42-9CDC8EB472F3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2DC0656-EE97-43AF-9499-7ED8E31D6458\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C32980F5-E091-4B2F-A8D3-F30367C8B9C9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDBEFFB4-9742-48CC-BBA6-E5DCA281B343\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad de escalada de privilegios local en algunos productos Huawei. Un atacante autentificado local podr\\u00eda dise\\u00f1ar comandos espec\\u00edficos para explotar esta vulnerabilidad. Una explotaci\\u00f3n con \\u00e9xito puede hacer que un atacante obtenga un mayor privilegio. Las versiones de producto afectadas incluyen: ManageOne versiones 6.5.0, 6.5.0.SPC100.B210, 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1 .SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B060, 6.5.1RC2.B020, 6.5.1RC2.B030, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090, 6.5.RC2.B050, 8.0.0, 8.0.0-LCND81, 8.0.0.SPC100, 8.0.1, 8.0.RC2, 8.0.RC3, 8.0.RC3.B041, 8.0.RC3.SPC100;\u0026#xa0;NFV_FusionSphere versiones 6.5.1.SPC23, 8.0.0.SPC12; SMC2.0 versiones V600R019C00,\u0026#xa0;V600R019C10;\u0026#xa0;iMaster MAE-M versiones MAE-TOOL (FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220\"}]",
"id": "CVE-2021-22299",
"lastModified": "2024-11-21T05:49:52.027",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-02-06T02:15:12.680",
"references": "[{\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-22299\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2021-02-06T02:15:12.680\",\"lastModified\":\"2024-11-21T05:49:52.027\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de escalada de privilegios local en algunos productos Huawei. Un atacante autentificado local podr\u00eda dise\u00f1ar comandos espec\u00edficos para explotar esta vulnerabilidad. Una explotaci\u00f3n con \u00e9xito puede hacer que un atacante obtenga un mayor privilegio. Las versiones de producto afectadas incluyen: ManageOne versiones 6.5.0, 6.5.0.SPC100.B210, 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1 .SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B060, 6.5.1RC2.B020, 6.5.1RC2.B030, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090, 6.5.RC2.B050, 8.0.0, 8.0.0-LCND81, 8.0.0.SPC100, 8.0.1, 8.0.RC2, 8.0.RC3, 8.0.RC3.B041, 8.0.RC3.SPC100;\u0026#xa0;NFV_FusionSphere versiones 6.5.1.SPC23, 8.0.0.SPC12; SMC2.0 versiones V600R019C00,\u0026#xa0;V600R019C10;\u0026#xa0;iMaster MAE-M versiones MAE-TOOL (FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:imaster_mae-m:v100r020c10spc220:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F67A4BC-9424-458A-A24B-2AFF301329C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14B3716-7A94-42C5-AE2C-9F64C15A43EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.0:rc2.b050:*:*:*:*:*:*\",\"matchCriteriaId\":\"E514234B-1DB4-4170-BC73-510058ED5788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.0:spc100.b210:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F587216-1355-4DD6-83E2-27CCE4ACC2E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE8F0E3-8BCA-4059-9BE1-A7BDFD18531A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*\",\"matchCriteriaId\":\"24872541-A493-48BD-AA2C-7A976FF75F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*\",\"matchCriteriaId\":\"61EC963F-1160-43D4-B4E4-2CC2B209B4DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD086E38-D1F5-4160-A7A2-12E681F686CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*\",\"matchCriteriaId\":\"035E4DF1-4B17-448B-8A78-CD81F68D38CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDDB5BDF-9760-4EE6-947D-A633B9CC0D36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*\",\"matchCriteriaId\":\"31787857-76F6-4E80-82B7-56B1C12B6628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b080:*:*:*:*:*:*\",\"matchCriteriaId\":\"3495FF32-2906-4064-A636-64EB3A06421D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*\",\"matchCriteriaId\":\"73901E08-8C24-46FB-A42D-6457630AA6DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc100.b050:*:*:*:*:*:*\",\"matchCriteriaId\":\"A472E9AA-784F-4AE2-B1D8-6C77EA1664B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc101.b010:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7CC07B4-FBF6-4AC9-8C54-B7845A068BBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc101.b040:*:*:*:*:*:*\",\"matchCriteriaId\":\"36904A81-9DCD-4E65-ADC1-A5A96FA0D939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200:*:*:*:*:*:*\",\"matchCriteriaId\":\"481FA740-3E71-443D-99DF-89CA198951A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b010:*:*:*:*:*:*\",\"matchCriteriaId\":\"37636652-DC9E-4310-AB33-1C67B85A7BF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b030:*:*:*:*:*:*\",\"matchCriteriaId\":\"C462984C-407A-4D52-BEDD-7E300482E2AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b040:*:*:*:*:*:*\",\"matchCriteriaId\":\"154A70F1-C15A-41B1-97B8-89550595BF44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b050:*:*:*:*:*:*\",\"matchCriteriaId\":\"B58D9F18-F7B5-4514-978D-EC419614F521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b060:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD51B07E-213B-4D32-A121-E2FD124EA1A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1:spc200.b070:*:*:*:*:*:*\",\"matchCriteriaId\":\"7926B343-242E-414B-B573-84DB16A2FCBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*\",\"matchCriteriaId\":\"463A4059-55EF-4862-B8AD-90DCAC0CC871\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*\",\"matchCriteriaId\":\"4042FC49-4FC7-46B4-8D14-ECACF22A9860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*\",\"matchCriteriaId\":\"535597A4-29C8-44A8-9008-4F4E10030531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9090F1E-EF60-4E54-9885-7F6B1681DE9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"51E51969-9D4D-4A58-BEBD-19F4BD64BC7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:rc3.b041:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B552573-DB7A-4454-A832-AE1811A9577C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:rc3.spc100:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D17BA55-6032-4BC4-BEB3-4FB27BA81777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EDE7C94-7E89-45E6-8A79-32E53D9139DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47A8E919-FAC0-4011-927F-599AA7688A32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc12:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD187FC7-B1BE-4BF1-BB6E-AA05CEFE4910\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:huawei:network_functions_virtualization_fusionsphere:6.5.1:spc23:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FBB7636-4E6E-4621-9F42-9CDC8EB472F3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2DC0656-EE97-43AF-9499-7ED8E31D6458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C32980F5-E091-4B2F-A8D3-F30367C8B9C9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDBEFFB4-9742-48CC-BBA6-E5DCA281B343\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210120-02-privilege-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.