Описание
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc601:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc602:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc800:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spca00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcb00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcc00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcd00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spce00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00022
Низкий
6.7 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
github
больше 3 лет назад
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
EPSS
Процентиль: 5%
0.00022
Низкий
6.7 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-862