cvelist/2021/30xxx/CVE-2021-30325.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com",
      "ID": "CVE-2021-30325",
      "STATE": "PUBLIC"
   },
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8096AU, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9150, MDM9206, PMP8074, QCA4024, QCA6390, QCA6391, QCA6426, QCA6428, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9986, QCA9988, QCA9990, QCA9992, QCA9994, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5502, QCN5550, QCN6023, QCN6024, QCN6122, QCN6132, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS405, QCS410, QCS603, QCS605, QCS610, QRB5165, QRB5165M, QRB5165N, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD205, SD210, SD460, SD662, SD665, SD765, SD765G, SD768G, SD865 5G, SD870, SDA429W, SDX55, SDX55M, SDXR2 5G, SM6225, SM7250P, WCD9330, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6850, WCN6851, WSA8810, WSA8815"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format": "MITRE",
   "data_type": "CVE",
   "data_version": "4.0",
   "description": {
      "description_data": [
         {
            "lang": "eng",
            "value": "Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
         }
      ]
   },
   "impact": {
      "cvss": {
         "baseScore": 6.7,
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
         "version": "3.1"
      }
   },
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng",
                  "value": "Improper Validation of Array Index in Core Services"
               }
            ]
         }
      ]
   },
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin",
            "refsource": "CONFIRM",
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin"
         }
      ]
   }
}