CVE-2014-3222 : In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier version

In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.

Published 2017-04-02 20:59:00

Updated 2017-04-04 20:43:00

Source Huawei Technologies

View at NVD, CVE.org

Products affected by CVE-2014-3222

Huawei » Espace Meeting
Versions up to, including, (<=) v100r001c03spc201
cpe:2.3:a:huawei:espace_meeting:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-3222

EPSS FAQ

0.26%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 46 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-3222

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.6	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:P	3.4	9.5	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Partial
7.0	HIGH	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.0	5.9	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2014-3222

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-3222

http://www.huawei.com/en/psirt/security-advisories/hw-329170

Security Advisory-Improper User Permission Setting Vulnerability in Huawei eSpace Meeting
Vendor Advisory

Jump to

Vulnerability Details : CVE-2014-3222

Products affected by CVE-2014-3222

Exploit prediction scoring system (EPSS) score for CVE-2014-3222

CVSS scores for CVE-2014-3222

CWE ids for CVE-2014-3222

References for CVE-2014-3222