What is CVE-2021-22314?

CVE-2021-22314 is a local privilege escalation vulnerability in some versions of ManageOne that allows a local authenticated attacker to obtain higher privileges and compromise the service.

How severe is CVE-2021-22314?

CVE-2021-22314 has a severity rating of 7.8 out of 10, indicating a high severity.

Which versions of ManageOne are affected?

Versions 6.5.1-rc1.b060, 6.5.1-rc1.b070, 6.5.1-rc2.b020, 6.5.1-rc2.b030, and 6.5.1.1-b010 of ManageOne are affected by CVE-2021-22314.

How can an attacker exploit CVE-2021-22314?

An attacker can exploit CVE-2021-22314 by performing specific operations to gain higher privileges and compromise the service.

Is there a fix for CVE-2021-22314?

Yes, please refer to the security advisory provided by Huawei at [reference link].

Vulnerability/
CVE-2021-22314

high

7.8

22/3/2021

3/8/2024

CVE-2021-22314

First published: Mon Mar 22 2021(Updated: )

There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei ManageOne	=6.5.1-rc1.b060
Huawei ManageOne	=6.5.1-rc1.b070
Huawei ManageOne	=6.5.1-rc2.b020
Huawei ManageOne	=6.5.1-rc2.b030
Huawei ManageOne	=6.5.1.1-b010

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210218-01-privilege-en

Frequently Asked Questions

What is CVE-2021-22314?
CVE-2021-22314 is a local privilege escalation vulnerability in some versions of ManageOne that allows a local authenticated attacker to obtain higher privileges and compromise the service.
How severe is CVE-2021-22314?
CVE-2021-22314 has a severity rating of 7.8 out of 10, indicating a high severity.
Which versions of ManageOne are affected?
Versions 6.5.1-rc1.b060, 6.5.1-rc1.b070, 6.5.1-rc2.b020, 6.5.1-rc2.b030, and 6.5.1.1-b010 of ManageOne are affected by CVE-2021-22314.
How can an attacker exploit CVE-2021-22314?
An attacker can exploit CVE-2021-22314 by performing specific operations to gain higher privileges and compromise the service.
Is there a fix for CVE-2021-22314?
Yes, please refer to the security advisory provided by Huawei at [reference link].

collector/nvd-index
agent/type
agent/event
agent/references
agent/severity
agent/author
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/huawei
canonical/huawei manageone
version/huawei manageone/6.5.1-rc1.b060
version/huawei manageone/6.5.1-rc1.b070
version/huawei manageone/6.5.1-rc2.b020
version/huawei manageone/6.5.1-rc2.b030
version/huawei manageone/6.5.1.1-b010

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.