Sign-up

ID

VAR-202202-1078


CVE

CVE-2021-40046


TITLE

PCManager  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-006830

DESCRIPTION

PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege. PCManager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-40046 // JVNDB: JVNDB-2022-006830 // VULHUB: VHN-401447

AFFECTED PRODUCTS

vendor:huaweimodel:pcmanagerscope:eqversion:11.1.1.95

Trust: 1.8

vendor:huaweimodel:pcmanagerscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-006830 // NVD: CVE-2021-40046

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40046
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-40046
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202202-1243
value: CRITICAL

Trust: 0.6

VULHUB: VHN-401447
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-40046
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-401447
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-40046
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-40046
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-401447 // CNNVD: CNNVD-202202-1243 // JVNDB: JVNDB-2022-006830 // NVD: CVE-2021-40046

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-269

Trust: 0.1

sources: VULHUB: VHN-401447 // JVNDB: JVNDB-2022-006830 // NVD: CVE-2021-40046

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-1243

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202202-1243

PATCH

title:huawei-sa-20220216-01-priescurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220216-01-priesc-en

Trust: 0.8

title:Huawei PCManager Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185275

Trust: 0.6

sources: CNNVD: CNNVD-202202-1243 // JVNDB: JVNDB-2022-006830

EXTERNAL IDS

db:NVDid:CVE-2021-40046

Trust: 3.3

db:JVNDBid:JVNDB-2022-006830

Trust: 0.8

db:CS-HELPid:SB2022021501

Trust: 0.6

db:CNNVDid:CNNVD-202202-1243

Trust: 0.6

db:VULHUBid:VHN-401447

Trust: 0.1

sources: VULHUB: VHN-401447 // CNNVD: CNNVD-202202-1243 // JVNDB: JVNDB-2022-006830 // NVD: CVE-2021-40046

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220216-01-priesc-en

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-40046

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-40046/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021501

Trust: 0.6

sources: VULHUB: VHN-401447 // CNNVD: CNNVD-202202-1243 // JVNDB: JVNDB-2022-006830 // NVD: CVE-2021-40046

SOURCES

db:VULHUBid:VHN-401447
db:CNNVDid:CNNVD-202202-1243
db:JVNDBid:JVNDB-2022-006830
db:NVDid:CVE-2021-40046

LAST UPDATE DATE

2026-06-19T23:38:01.604000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401447date:2022-07-12T00:00:00
db:CNNVDid:CNNVD-202202-1243date:2022-07-14T00:00:00
db:JVNDBid:JVNDB-2022-006830date:2023-07-10T05:37:00
db:NVDid:CVE-2021-40046date:2026-06-17T04:06:27.153

SOURCES RELEASE DATE

db:VULHUBid:VHN-401447date:2022-02-25T00:00:00
db:CNNVDid:CNNVD-202202-1243date:2022-02-15T00:00:00
db:JVNDBid:JVNDB-2022-006830date:2023-07-10T00:00:00
db:NVDid:CVE-2021-40046date:2022-02-25T19:15:12.567