cvelist/2021/1xxx/CVE-2021-1933.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com",
      "ID": "CVE-2021-1933",
      "STATE": "PUBLIC"
   },
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8017, APQ8053, AQT1000, CSRB31024, MSM8917, MSM8920, MSM8940, MSM8953, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6420, QCA6430, QCA6564AU, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, QCA9377, QCM4290, QCM6125, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, Qualcomm215, SA415M, SA8155, SA8155P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD429, SD439, SD450, SD632, SD665, SD670, SD675, SD678, SD712, SD720G, SD730, SD850, SD855, SDA429W, SDM429W, SDM630, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SM6250, SM6250P, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN6850, WHS9410"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format": "MITRE",
   "data_type": "CVE",
   "data_version": "4.0",
   "description": {
      "description_data": [
         {
            "lang": "eng",
            "value": "UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables"
         }
      ]
   },
   "impact": {
      "cvss": {
         "baseScore": 9.8,
         "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
         "version": "3.1"
      }
   },
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng",
                  "value": "Improper Validation of Array Index in Modem"
               }
            ]
         }
      ]
   },
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin",
            "refsource": "CONFIRM",
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
         }
      ]
   }
}