What is CVE-2021-22397?

CVE-2021-22397 is a medium-severity vulnerability in Huawei Manageone, classified under Improper Input Validation. CVSS score: 6.7/10. Published 2021-08-02.

How severe is CVE-2021-22397?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Improper input validation in Huawei Manageone

CVE-2021-22397

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privil…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (6.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Huawei Manageone — versions 8.0.0
N/a Manageone — versions 8.0.0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

psirt@huawei.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2021-22397?: CVE-2021-22397 is a medium-severity vulnerability in Huawei Manageone, classified under Improper Input Validation. CVSS score: 6.7/10. Published 2021-08-02.
How severe is CVE-2021-22397?: Medium severity. CVSS v3 base score is 6.7 out of 10.