Описание
There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:huawei:manageone:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.
EPSS
Процентиль: 35%
0.00146
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-276