2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-22387" ,
"sourceIdentifier" : "psirt@huawei.com" ,
"published" : "2021-08-02T17:15:13.783" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T05:50:01.540" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands."
} ,
{
"lang" : "es" ,
"value" : "Se presenta una Vulnerabilidad de Control Inapropiado de la Administraci\u00f3n Din\u00e1mica de los Recursos de C\u00f3digo en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir que se intenten ejecutar comandos remotamente"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 9.8 ,
"baseSeverity" : "CRITICAL" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-913"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "66AC7F91-917C-40A6-9983-A339EFB091F1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A7FF0AD1-22C2-423B-822A-E6496CEDAB02"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B701EC6-8208-4D22-95A6-B07D471A8A8B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EFAE846A-00EA-417F-B66F-1F5396BB6139"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B655712B-E86C-4BD2-8A99-AEA382C520E7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F6066FAB-23F5-4CB2-B89E-B00F8835AC39"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://consumer.huawei.com/en/support/bulletin/2021/6/" ,
"source" : "psirt@huawei.com" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://consumer.huawei.com/en/support/bulletin/2021/6/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
