Vulnerability in Huawei Manageone
CVE-2021-22340
There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operati…
Vulnerability class: Race Condition
EPSS: 0.001 (1.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.1 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Huawei Manageone — versions 6.5.1, 8.0.0, 8.0.1
- Huawei Smc2.0 — versions v600r019c10spc700, v600r019c10spc702, v600r019c10spc703
- N/a Manageone;smc2.0 — versions 6.5.1.SPC200,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.SPC100, V600R019C10SPC700,V600R019C10SPC702,V600R019C10SPC703,V600R019C10SPC800,V600R019C10SPC900,V600R019C10SPC910,V600R019C10SPC920,V600R019C10SPC921,V600R019C10SPC922,V600R019C10SPC930,V600R019C10SPC931
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-22340?
- CVE-2021-22340 is a medium-severity vulnerability in Huawei Manageone, classified under Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition). CVSS score: 4.1/10. Published 2021-06-29.
- How severe is CVE-2021-22340?
- Medium severity. CVSS v3 base score is 4.1 out of 10.