What is CVE-2021-22293?

CVE-2021-22293 is a high-severity vulnerability in Huawei Campusinsight, classified under Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling). CVSS score: 7.5/10. Published 2021-02-06.

How severe is CVE-2021-22293?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Huawei Campusinsight

CVE-2021-22293

Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne v…

Vulnerability class: HTTP Request Smuggling

EPSS: 0.009 (55.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Huawei Campusinsight — versions v100r019c10
Huawei Manageone — versions 6.5.1.1, 8.0.0
Huawei Taurus-al00a
Huawei Taurus-al00a_firmware — versions 10.0.0.1\(c00e1r1p1\)
N/a Campusinsight — versions V100R019C10
N/a Manageone — versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200

Weakness classification (CWE)

CWE-444 — Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling)

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2021-22293?: CVE-2021-22293 is a high-severity vulnerability in Huawei Campusinsight, classified under Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling). CVSS score: 7.5/10. Published 2021-02-06.
How severe is CVE-2021-22293?: High severity. CVSS v3 base score is 7.5 out of 10.