CVE-2021-37131

Published Oct 27, 2021
Last updated 3 years ago
CVSS medium 6.8
Overview

Description: There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
Source: psirt@huawei.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 6
Impact score: 6.4
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-1236
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24872541-A493-48BD-AA2C-7A976FF75F9D"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b070:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D962B0A1-0725-4A6F-99EB-E6E42F03243B"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61EC963F-1160-43D4-B4E4-2CC2B209B4DA"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD086E38-D1F5-4160-A7A2-12E681F686CB"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "035E4DF1-4B17-448B-8A78-CD81F68D38CA"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDDB5BDF-9760-4EE6-947D-A633B9CC0D36"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31787857-76F6-4E80-82B7-56B1C12B6628"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73901E08-8C24-46FB-A42D-6457630AA6DC"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "463A4059-55EF-4862-B8AD-90DCAC0CC871"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4042FC49-4FC7-46B4-8D14-ECACF22A9860"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "535597A4-29C8-44A8-9008-4F4E10030531"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc100.b050:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C59C64B0-D42D-4515-BD2B-4FE5C7F48BE6"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b010:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "698B071C-FC52-40CD-BBA7-53426051F504"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b040:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6461FE1-99CC-48E4-8134-F17D895511F0"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE5AE38A-627F-4337-949D-A5811D6859EB"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b010:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29FEC933-0E52-496B-A2B3-C84E65E5B430"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b030:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F30BF5-4510-4AC7-8B12-6D4126C2DC60"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b040:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37090D37-0CDF-464B-9509-4F465D20C8C2"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b050:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83B2B033-F12C-487E-8245-3F5BBF59BBC1"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b060:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ADF4433-A950-4A00-A4F7-12F766B4C947"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b070:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FF3EB4D-6892-4572-B1D6-6183FE8B8D66"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcn080:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF638B61-21C2-4BCF-8EDA-549073776C96"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9090F1E-EF60-4E54-9885-7F6B1681DE9A"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51E51969-9D4D-4A58-BEBD-19F4BD64BC7A"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EDE7C94-7E89-45E6-8A79-32E53D9139DB"
          },
          {
            "criteria": "cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47A8E919-FAC0-4011-927F-599AA7688A32"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2001:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB5DA70B-2B2A-4D66-8D45-D37B0128DC01"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47D66420-5D94-4757-BCDA-878628D83201"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3001:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27280804-63DD-416E-98E1-D68827A8B25E"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "135682EE-750C-40E5-B670-3413F75CA9BF"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3101:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E138CC11-2FCF-49D6-A5D9-1640E6EB7DF8"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3102:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6D15126-6131-45DA-943B-3B5246C1DEE9"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF27593A-5B5D-42F8-8826-7B5AE71D0017"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc110:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B61166A9-71C0-4DAD-B12A-09E60BC2185A"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc120:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65650D52-CF29-4A80-B026-FFC758AEE209"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E09E6692-73D6-4EAE-902B-B1C04EA707C8"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc210:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B4D132-7977-4137-A5E3-3730FE63CC3E"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF7DC28E-0473-4D40-BF89-E90983070F72"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc310:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58E64AEF-5493-40D8-B992-3E6BEA38AE08"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2201:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66B67DA3-781D-47BA-941B-475DB4D8EDF6"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2301:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15AAA803-8D92-44A7-B199-8847F39DB9BE"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F48421A9-58FC-4144-AE9F-9B82818EF62D"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc110:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41237B91-3778-48C7-BBDD-A56957390F61"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc120:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4B056BA-73D9-4E1A-B865-838D3CEB47B6"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc190:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84300143-1A0C-4172-BAC3-AFDAC85C7F2D"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C45A355E-DEAD-49E7-8A3E-3D474525EB5D"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc201:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF8B49FD-1F1C-42D6-B65A-839D0719F23C"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc202:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FAF9CE1-6489-4DF9-A559-803291CA2A4F"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc210:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94B7FBF4-57D3-4F15-B614-FF4A707F85D7"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc220:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E007CA7-E6E2-4391-9889-9029C8EDEC1F"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc221:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A5A03CC-A585-4DD1-B6DD-7B126E3D616D"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc230:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A387DDE-C053-45A1-BE44-E643CAB35B51"
          },
          {
            "criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc232:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50B76F15-9FE3-41C1-80A8-68CAAEBB6D71"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
