Main Vulnerability Database Vulnerabilities #VU56418

Improper Authorization in AIS-BW50-00 - CVE-2021-37101

Published: September 9, 2021

Vulnerability identifier: #VU56418

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-37101

CWE-ID: CWE-285

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Huawei

Affected software:
AIS-BW50-00

Detailed vulnerability description

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to improper authorization mangement. An attacker with physical access can bypass authorization checks and execute arbitrary code om the target system.

How to mitigate CVE-2021-37101

Install updates from vendor's website.

Sources

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210908-01-badauthorization-en

Improper Authorization in AIS-BW50-00 - CVE-2021-37101

Detailed vulnerability description

How to mitigate CVE-2021-37101

Sources

Please verify you're human