{"containers": {"cna": {"affected": [{"product": "ManageOne;iManager NetEco;iManager NetEco 6000", "vendor": "n/a", "versions": [{"status": "affected", "version": "6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B090,8.0.0,8.0.0-LCN080,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3"}, {"status": "affected", "version": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00CP3001,V600R010C00CP3002,V600R010C00CP3101,V600R010C00CP3102,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300,V600R010C00SPC310"}, {"status": "affected", "version": "V600R009C00CP2201,V600R009C00CP2301,V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210,V600R009C00SPC220,V600R009C00SPC221,V600R009C00SPC230,V600R009C00SPC232"}]}], "descriptions": [{"lang": "en", "value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."}], "problemTypes": [{"descriptions": [{"description": "CSV Injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-10-27T00:29:32.000Z", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2021-37131", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ManageOne;iManager NetEco;iManager NetEco 6000", "version": {"version_data": [{"version_value": "6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B090,8.0.0,8.0.0-LCN080,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3"}, {"version_value": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00CP3001,V600R010C00CP3002,V600R010C00CP3101,V600R010C00CP3102,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300,V600R010C00SPC310"}, {"version_value": "V600R009C00CP2201,V600R009C00CP2301,V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210,V600R009C00SPC220,V600R009C00SPC221,V600R009C00SPC230,V600R009C00SPC232"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CSV Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en", "refsource": "MISC", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:16:02.878Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2021-37131", "datePublished": "2021-10-27T00:29:32.000Z", "dateReserved": "2021-07-20T00:00:00.000Z", "dateUpdated": "2024-08-04T01:16:02.878Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*", "matchCriteriaId": "24872541-A493-48BD-AA2C-7A976FF75F9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b070:*:*:*:*:*:*", "matchCriteriaId": "D962B0A1-0725-4A6F-99EB-E6E42F03243B", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*", "matchCriteriaId": "61EC963F-1160-43D4-B4E4-2CC2B209B4DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*", "matchCriteriaId": "2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*", "matchCriteriaId": "AD086E38-D1F5-4160-A7A2-12E681F686CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*", "matchCriteriaId": "035E4DF1-4B17-448B-8A78-CD81F68D38CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*", "matchCriteriaId": "DDDB5BDF-9760-4EE6-947D-A633B9CC0D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*", "matchCriteriaId": "31787857-76F6-4E80-82B7-56B1C12B6628", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*", "matchCriteriaId": "73901E08-8C24-46FB-A42D-6457630AA6DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*", "matchCriteriaId": "463A4059-55EF-4862-B8AD-90DCAC0CC871", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*", "matchCriteriaId": "4042FC49-4FC7-46B4-8D14-ECACF22A9860", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*", "matchCriteriaId": "A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*", "matchCriteriaId": "535597A4-29C8-44A8-9008-4F4E10030531", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc100.b050:*:*:*:*:*:*", "matchCriteriaId": "C59C64B0-D42D-4515-BD2B-4FE5C7F48BE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b010:*:*:*:*:*:*", "matchCriteriaId": "698B071C-FC52-40CD-BBA7-53426051F504", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b040:*:*:*:*:*:*", "matchCriteriaId": "F6461FE1-99CC-48E4-8134-F17D895511F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200:*:*:*:*:*:*", "matchCriteriaId": "FE5AE38A-627F-4337-949D-A5811D6859EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b010:*:*:*:*:*:*", "matchCriteriaId": "29FEC933-0E52-496B-A2B3-C84E65E5B430", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b030:*:*:*:*:*:*", "matchCriteriaId": "16F30BF5-4510-4AC7-8B12-6D4126C2DC60", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b040:*:*:*:*:*:*", "matchCriteriaId": "37090D37-0CDF-464B-9509-4F465D20C8C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b050:*:*:*:*:*:*", "matchCriteriaId": "83B2B033-F12C-487E-8245-3F5BBF59BBC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b060:*:*:*:*:*:*", "matchCriteriaId": "1ADF4433-A950-4A00-A4F7-12F766B4C947", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b070:*:*:*:*:*:*", "matchCriteriaId": "7FF3EB4D-6892-4572-B1D6-6183FE8B8D66", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcn080:*:*:*:*:*:*", "matchCriteriaId": "EF638B61-21C2-4BCF-8EDA-549073776C96", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*", "matchCriteriaId": "E9090F1E-EF60-4E54-9885-7F6B1681DE9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "51E51969-9D4D-4A58-BEBD-19F4BD64BC7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*", "matchCriteriaId": "7EDE7C94-7E89-45E6-8A79-32E53D9139DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47A8E919-FAC0-4011-927F-599AA7688A32", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2001:*:*:*:*:*:*:*", "matchCriteriaId": "DB5DA70B-2B2A-4D66-8D45-D37B0128DC01", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2002:*:*:*:*:*:*:*", "matchCriteriaId": "47D66420-5D94-4757-BCDA-878628D83201", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3001:*:*:*:*:*:*:*", "matchCriteriaId": "27280804-63DD-416E-98E1-D68827A8B25E", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3002:*:*:*:*:*:*:*", "matchCriteriaId": "135682EE-750C-40E5-B670-3413F75CA9BF", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3101:*:*:*:*:*:*:*", "matchCriteriaId": "E138CC11-2FCF-49D6-A5D9-1640E6EB7DF8", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3102:*:*:*:*:*:*:*", "matchCriteriaId": "A6D15126-6131-45DA-943B-3B5246C1DEE9", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "DF27593A-5B5D-42F8-8826-7B5AE71D0017", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc110:*:*:*:*:*:*:*", "matchCriteriaId": "B61166A9-71C0-4DAD-B12A-09E60BC2185A", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc120:*:*:*:*:*:*:*", "matchCriteriaId": "65650D52-CF29-4A80-B026-FFC758AEE209", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "E09E6692-73D6-4EAE-902B-B1C04EA707C8", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc210:*:*:*:*:*:*:*", "matchCriteriaId": "74B4D132-7977-4137-A5E3-3730FE63CC3E", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc300:*:*:*:*:*:*:*", "matchCriteriaId": "FF7DC28E-0473-4D40-BF89-E90983070F72", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc310:*:*:*:*:*:*:*", "matchCriteriaId": "58E64AEF-5493-40D8-B992-3E6BEA38AE08", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2201:*:*:*:*:*:*:*", "matchCriteriaId": "66B67DA3-781D-47BA-941B-475DB4D8EDF6", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2301:*:*:*:*:*:*:*", "matchCriteriaId": "15AAA803-8D92-44A7-B199-8847F39DB9BE", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc100:*:*:*:*:*:*:*", "matchCriteriaId": "F48421A9-58FC-4144-AE9F-9B82818EF62D", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc110:*:*:*:*:*:*:*", "matchCriteriaId": "41237B91-3778-48C7-BBDD-A56957390F61", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc120:*:*:*:*:*:*:*", "matchCriteriaId": "A4B056BA-73D9-4E1A-B865-838D3CEB47B6", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc190:*:*:*:*:*:*:*", "matchCriteriaId": "84300143-1A0C-4172-BAC3-AFDAC85C7F2D", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "C45A355E-DEAD-49E7-8A3E-3D474525EB5D", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc201:*:*:*:*:*:*:*", "matchCriteriaId": "FF8B49FD-1F1C-42D6-B65A-839D0719F23C", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc202:*:*:*:*:*:*:*", "matchCriteriaId": "0FAF9CE1-6489-4DF9-A559-803291CA2A4F", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc210:*:*:*:*:*:*:*", "matchCriteriaId": "94B7FBF4-57D3-4F15-B614-FF4A707F85D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc220:*:*:*:*:*:*:*", "matchCriteriaId": "9E007CA7-E6E2-4391-9889-9029C8EDEC1F", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc221:*:*:*:*:*:*:*", "matchCriteriaId": "3A5A03CC-A585-4DD1-B6DD-7B126E3D616D", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc230:*:*:*:*:*:*:*", "matchCriteriaId": "0A387DDE-C053-45A1-BE44-E643CAB35B51", "vulnerable": true}, {"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc232:*:*:*:*:*:*:*", "matchCriteriaId": "50B76F15-9FE3-41C1-80A8-68CAAEBB6D71", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n CSV en ManageOne, iManager NetEco e iManager NetEco 6000. Un atacante con altos privilegios puede explotar esta vulnerabilidad mediante algunas operaciones para inyectar los archivos CSV. Debido a una comprobaci\u00f3n de entrada insuficiente de algunos par\u00e1metros, el atacante puede explotar esta vulnerabilidad para inyectar archivos CSV en el dispositivo de destino"}], "id": "CVE-2021-37131", "lastModified": "2024-11-21T06:14:42.373", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-27T01:15:07.863", "references": [{"source": "psirt@huawei.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1236"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}