cvelist/2021/35xxx/CVE-2021-35079.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2021-35079", 
      "STATE": "PUBLIC"
   }, 
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", 
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8053, AQT1000, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCM4290, QCS4290, QCS603, QCS605, Qualcomm215, SD460, SD480, SD662, SD680, SD690 5G, SD695, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDXR2 5G, SM7250P, SM7325P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
         }
      ]
   }, 
   "impact": {
      "cvss": {
         "baseScore": 6.2, 
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 
         "version": "3.1"
      }
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Permissions, Privileges and Access Controls in Telephony"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin", 
            "refsource": "CONFIRM", 
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
         }
      ]
   }
}
"-Synchronized-Data." 2021-06-21 21:00:51 +00:00			`{`
Qualcomm_6-14-2022_2 2022-06-14 15:17:37 +05:30			`"CVE_data_meta": {`
			`"ASSIGNER": "product-security@qualcomm.com",`
			`"ID": "CVE-2021-35079",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
"-Synchronized-Data." 2021-06-21 21:00:51 +00:00			`{`
Qualcomm_6-14-2022_2 2022-06-14 15:17:37 +05:30			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",`
			`"version": {`
			`"version_data": [`
			`{`
			"version_value": "APQ8053, AQT1000, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCM4290, QCS4290, QCS603, QCS605, Qualcomm215, SD460, SD480, SD662, SD680, SD690 5G, SD695, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDXR2 5G, SM7250P, SM7325P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835"
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Qualcomm, Inc."`
"-Synchronized-Data." 2021-06-21 21:00:51 +00:00			`}`
Qualcomm_6-14-2022_2 2022-06-14 15:17:37 +05:30			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"`
			`}`
			`]`
			`},`
			`"impact": {`
			`"cvss": {`
			`"baseScore": 6.2,`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Permissions, Privileges and Access Controls in Telephony"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin",`
			`"refsource": "CONFIRM",`
			`"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2021-06-21 21:00:51 +00:00			`}`