mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
161 lines
5.1 KiB
JSON
161 lines
5.1 KiB
JSON
{
|
|
"id": "CVE-2021-40064",
|
|
"sourceIdentifier": "psirt@huawei.com",
|
|
"published": "2022-03-10T17:43:24.960",
|
|
"lastModified": "2022-03-14T16:17:26.763",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en los componentes del sistema. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del sistema"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.8
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-787"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
|
|
"source": "psirt@huawei.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
|
|
"source": "psirt@huawei.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |