CVE-2021-22329 Information

Description

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device as a result the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01V200R007C01B102V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10;S1700 V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10;S2700 V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10;S5700 V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10V200R011C10SPC100;S6700 V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10V200R011C10SPC100;S7700 V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10;S9700 V200R007C01V200R007C01B102V200R008C00V200R010C00SPC300V200R011C00V200R011C00SPC100V200R011C10.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

4.9