Description
There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210218-01-privilege-en
Scores
CVSS v3
7.8
EPSS
0.0002
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
huawei/manageone
6.5.1 rc1.b060 (4 CPE variants)
huawei/manageone
6.5.1.1 b010
Published
Mar 22, 2021
Tracked Since
Feb 18, 2026