CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4).

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220819-01-7e0a6103-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:jad-al50_firmware:102.0.0.225\(c00e220r3p4\):*:*:*:*:*:*:*

cpe:2.3:h:huawei:jad-al50:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-09-20 20:15

Updated : 2024-02-28 19:29

NVD link : CVE-2021-46834

Mitre link : CVE-2021-46834

CVE.ORG link : CVE-2021-46834

JSON object : View

Products Affected

huawei

jad-al50_firmware
jad-al50

CWE

CWE-276

Incorrect Default Permissions

5.5 /10