Vulnerability CVE-2021-22339
Published: 2021-05-20

Description:
There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal.

Type:

CWE-345

 (Insufficient Verification of Data Authenticity)

CVSS2 => (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.5/10
2.9/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Huawei -> Manageone 

 References:
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210428-01-dos-en
Copyright 2024, cxsecurity.com

 

Back to Top