CVE-2021-22314
First published: Mon Mar 22 2021(Updated: )
There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei ManageOne | =6.5.1-rc1.b060 | |
| Huawei ManageOne | =6.5.1-rc1.b070 | |
| Huawei ManageOne | =6.5.1-rc2.b020 | |
| Huawei ManageOne | =6.5.1-rc2.b030 | |
| Huawei ManageOne | =6.5.1.1-b010 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-22314?
CVE-2021-22314 is a local privilege escalation vulnerability in some versions of ManageOne that allows a local authenticated attacker to obtain higher privileges and compromise the service.
How severe is CVE-2021-22314?
CVE-2021-22314 has a severity rating of 7.8 out of 10, indicating a high severity.
Which versions of ManageOne are affected?
Versions 6.5.1-rc1.b060, 6.5.1-rc1.b070, 6.5.1-rc2.b020, 6.5.1-rc2.b030, and 6.5.1.1-b010 of ManageOne are affected by CVE-2021-22314.
How can an attacker exploit CVE-2021-22314?
An attacker can exploit CVE-2021-22314 by performing specific operations to gain higher privileges and compromise the service.
Is there a fix for CVE-2021-22314?
Yes, please refer to the security advisory provided by Huawei at [reference link].
- collector/nvd-index
- vendor/huawei
- canonical/huawei manageone
- version/huawei manageone/6.5.1-rc1.b060
- version/huawei manageone/6.5.1-rc1.b070
- version/huawei manageone/6.5.1-rc2.b020
- version/huawei manageone/6.5.1-rc2.b030
- version/huawei manageone/6.5.1.1-b010