Vulnerability in Huawei Manageone
CVE-2021-22298
There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause serv…
EPSS: 0.009 (55.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Huawei Manageone — versions 6.5.1.1, 8.0.0
- N/a Manageone — versions 6.5.1.1.B020,6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1.SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B070, 6.5.1RC1.B080, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090
References
- psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@huawei.com (Third Party Advisory, x_refsource_MISC, Not Applicable)
Frequently asked questions
- What is CVE-2021-22298?
- CVE-2021-22298 is a medium-severity vulnerability in Huawei Manageone. CVSS score: 6.5/10. Published 2021-02-06.
- How severe is CVE-2021-22298?
- Medium severity. CVSS v3 base score is 6.5 out of 10.