CVE-2021-22329

3 documents3 sources
Severity
4.9MEDIUM
EPSS
0.1%
top 74.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei S12700 FirmwareHuawei S1700 FirmwareHuawei S2700 Firmware+4 more
Timeline
PublishedJun 29
Latest updateMay 24

Description

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages7 packages

NVDhuawei/s1700_firmware4 versions+3
NVDhuawei/s2700_firmware5 versions+4
NVDhuawei/s5700_firmware6 versions+5
NVDhuawei/s6700_firmware6 versions+5
NVDhuawei/s7700_firmware5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-r7gg-qqgh-p46p: There has a license management vulnerability in some Huawei products2022-05-24
CVEList
CVE-2021-22329: There has a license management vulnerability in some Huawei products2021-06-29
CVE-2021-22329 (MEDIUM CVSS 4.9) | There has a license management vuln | cvebase.io