CVE-2021-22293
First published: Sat Feb 06 2021(Updated: )
Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1).
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Campusinsight | =v100r019c10 | |
| Huawei ManageOne | =6.5.1.1 | |
| Huawei ManageOne | =6.5.1.1-rc1 | |
| Huawei ManageOne | =6.5.1.1-rc2 | |
| Huawei ManageOne | =6.5.1.1-spc100 | |
| Huawei ManageOne | =6.5.1.1-spc200 | |
| Huawei ManageOne | =8.0.0-rc2 | |
| Huawei Taurus-al00a Firmware | =10.0.0.1\(c00e1r1p1\) | |
| Huawei Taurus-al00a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-22293?
CVE-2021-22293 is a vulnerability in some Huawei products that allows attackers to cause information leak through an inconsistent interpretation of HTTP requests.
Which products are affected by CVE-2021-22293?
The affected products include Huawei CampusInsight versions V100R019C10 and Huawei ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1R, and 8.0.0RC2.
What is the severity of CVE-2021-22293?
CVE-2021-22293 has a severity rating of 7.5 (High).
How can attackers exploit CVE-2021-22293?
Attackers can exploit CVE-2021-22293 by taking advantage of the inconsistent interpretation of HTTP requests to cause information leaks.
Is there a fix for CVE-2021-22293?
Yes, Huawei has provided a security advisory with mitigation measures and software updates to address CVE-2021-22293. Please refer to the official Huawei website for more information.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- vendor/huawei
- canonical/huawei campusinsight
- version/huawei campusinsight/v100r019c10
- canonical/huawei manageone
- version/huawei manageone/6.5.1.1
- version/huawei manageone/6.5.1.1-rc1
- version/huawei manageone/6.5.1.1-rc2
- version/huawei manageone/6.5.1.1-spc100
- version/huawei manageone/6.5.1.1-spc200
- version/huawei manageone/8.0.0-rc2
- canonical/huawei taurus-al00a firmware
- version/huawei taurus-al00a firmware/10.0.0.1\(c00e1r1p1\)
- canonical/huawei taurus-al00a