Every CVE whose affected-product data names Huawei Manageone, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2021-22299 — CVSS 7.8 (high): There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands…
CVE-2021-22314 — CVSS 7.8 (high): There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific…
CVE-2019-5289 — CVSS 7.5 (high): Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the…
CVE-2021-22293 — CVSS 7.5 (high): Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause…
CVE-2021-22311 — CVSS 7.2 (high): There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can…
CVE-2020-9115 — CVSS 7.2 (high): ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection…
CVE-2021-37131 — CVSS 6.8 (medium): There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit…
CVE-2021-22397 — CVSS 6.7 (medium): There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when…
CVE-2021-22298 — CVSS 6.5 (medium): There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement…
CVE-2021-22339 — CVSS 6.5 (medium): There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of…
CVE-2021-22409 — CVSS 5.3 (medium): There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a…
CVE-2020-9205 — CVSS 4.9 (medium): There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may exploit this vulnerability through some…
CVE-2021-22340 — CVSS 4.1 (medium): There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple…
CVE-2020-1862 — CVSS 3.3 (low): There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit…