nvd-json-data-feeds/CVE-2021/CVE-2021-399xx/CVE-2021-39990.json

{
  "id": "CVE-2021-39990",
  "sourceIdentifier": "psirt@huawei.com",
  "published": "2022-01-03T22:15:11.030",
  "lastModified": "2022-01-14T16:04:15.630",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo de bloqueo de pantalla presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la experiencia del usuario"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "2.0",
              "matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}