CVE-2021-39976

Name of the Vulnerable Software and Affected Versions CloudEngine 12800 versions (affected versions not specified) CloudEngine 5800 version V200R020C00SPC600 CloudEngine 6800 versions (affected versions not specified) CloudEngine 7800 versions (affected versions not specified)

Description The issue is related to a lack of privilege restrictions, which can be exploited by an authenticated local attacker to perform specific operations and potentially obtain higher privileges. This can lead to privilege escalation.

Recommendations For CloudEngine 12800, restrict access to sensitive operations until a fix is available. For CloudEngine 5800 version V200R020C00SPC600, consider disabling local access or limiting privileges for authenticated users until a patch is released. For CloudEngine 6800 and CloudEngine 7800, since specific versions are not mentioned, it is recommended to review the current configuration and restrict access to sensitive operations as a precautionary measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.