CVE-2021-22311
Description
There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.
Risk Information
Base Score
7.2
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.146
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-9115 ,CVE-2020-9205 ,CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.1 | NCM |
| Vulnerabilities CVE-2020-9115 ,CVE-2021-22298 ,CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0 | NCM |
| Vulnerabilities CVE-2021-22293 ,CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-rc2 | NCM |
| Vulnerabilities CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-spc100 | NCM |
| Vulnerabilities CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-rc3.spc100 | NCM |
| Vulnerabilities CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-rc3.b041 | NCM |
| Vulnerabilities CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-rc3 | NCM |
| Vulnerabilities CVE-2021-22299 ,CVE-2021-22311 are affected in manageone 8.0.0-lcnd81 | NCM |
| Incorrect Default Permissions Vulnerability (CVE-2021-22311) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234