CVE-2014-3222

HIGH

Huawei Espace Meeting < v100r001c03spc201 - Access Control

Title source: rule

Description

In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/32205

View Code ZIP pw:eip

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/psirt/security-advisories/hw-329170

Scores

CVSS v3 7.0

EPSS 0.0026

EPSS Percentile 49.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (2)

huawei/espace_meeting < v100r001c03spc201

n/a/eSpace Meeting V100R001C03SPC201 and the earlier versions eSpace Meeting V100R001C03SPC201 and the earlier versions

Published Apr 02, 2017

Tracked Since Feb 18, 2026