admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-399xx/CVE-2021-39995.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

153 lines
4.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-39995",
"sourceIdentifier": "psirt@huawei.com",
"published": "2021-11-29T16:15:07.447",
"lastModified": "2021-11-30T20:08:19.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300."
},
{
"lang": "es",
"value": "Algunos productos de Huawei usan el software OpenHpi para la administraci\u00f3n del hardware. Una funci\u00f3n que analiza los datos devueltos por OpenHpi contiene una vulnerabilidad de lectura fuera de l\u00edmites que podr\u00eda conllevar a una denegaci\u00f3n de servicio. Las versiones de producto afectadas son: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5F31C0-805E-4AB7-9BC6-EEB6FE5275F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:ecns280_td:-:*:*:*:*:*:*:*",
"matchCriteriaId": "900FA565-05B8-41E9-BE02-9BC4E14A28F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "3D09A362-885C-4CAD-931B-ECFBB857F849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c20spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "BB48C0D8-E413-411E-9565-9AABA0A70CD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:ese620x_vess_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "60AA30F0-E1A9-4D25-AE84-6CF952FD8E97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:ese620x_vess:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC039E0-A953-4C79-B751-5B9738371DF0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211124-03-dos-en",
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink