Sign-up

ID

VAR-202106-0619


CVE

CVE-2021-22329


TITLE

plural  Huawei  Product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2021-008864

DESCRIPTION

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10. plural Huawei The product contains unspecified vulnerabilities.Information may be tampered with. Huawei S12700, etc. are all enterprise-class switch products of China's Huawei (Huawei) company

Trust: 2.25

sources: NVD: CVE-2021-22329 // JVNDB: JVNDB-2021-008864 // CNVD: CNVD-2021-84913 // VULMON: CVE-2021-22329

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-84913

AFFECTED PRODUCTS

vendor:huaweimodel:s5700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r007c01b102

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c01b102

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r011c10spc100

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r011c10

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r011c10spc100

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r011c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r010c00spc300

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r011c00spc100

Trust: 1.0

vendor:huaweimodel:s12700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s1700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s2700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s7700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r011c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c01b102scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r011c10spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r011c10spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r007c01b102scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r010c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r011c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r011c00spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r011c10scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-84913 // JVNDB: JVNDB-2021-008864 // NVD: CVE-2021-22329

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22329
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-22329
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2021-84913
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202106-1957
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-22329
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-22329
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-84913
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-22329
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-22329
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-84913 // VULMON: CVE-2021-22329 // JVNDB: JVNDB-2021-008864 // CNNVD: CNNVD-202106-1957 // NVD: CVE-2021-22329

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-008864 // NVD: CVE-2021-22329

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1957

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202106-1957

PATCH

title:huawei-sa-20210407-01-resourcemanagementurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en

Trust: 0.8

title:Patch for Incorrect license management vulnerabilities for multiple Huawei productsurl:https://www.cnvd.org.cn/patchInfo/show/297536

Trust: 0.6

title:Huawei S2700 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156248

Trust: 0.6

sources: CNVD: CNVD-2021-84913 // JVNDB: JVNDB-2021-008864 // CNNVD: CNNVD-202106-1957

EXTERNAL IDS

db:NVDid:CVE-2021-22329

Trust: 3.9

db:JVNDBid:JVNDB-2021-008864

Trust: 0.8

db:CNVDid:CNVD-2021-84913

Trust: 0.6

db:CNNVDid:CNNVD-202106-1957

Trust: 0.6

db:VULMONid:CVE-2021-22329

Trust: 0.1

sources: CNVD: CNVD-2021-84913 // VULMON: CVE-2021-22329 // JVNDB: JVNDB-2021-008864 // CNNVD: CNNVD-202106-1957 // NVD: CVE-2021-22329

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-22329

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2021-84913 // VULMON: CVE-2021-22329 // JVNDB: JVNDB-2021-008864 // CNNVD: CNNVD-202106-1957 // NVD: CVE-2021-22329

SOURCES

db:CNVDid:CNVD-2021-84913
db:VULMONid:CVE-2021-22329
db:JVNDBid:JVNDB-2021-008864
db:CNNVDid:CNNVD-202106-1957
db:NVDid:CVE-2021-22329

LAST UPDATE DATE

2024-08-14T15:22:14.294000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-84913date:2021-11-08T00:00:00
db:VULMONid:CVE-2021-22329date:2021-07-07T00:00:00
db:JVNDBid:JVNDB-2021-008864date:2022-03-29T09:13:00
db:CNNVDid:CNNVD-202106-1957date:2021-07-08T00:00:00
db:NVDid:CVE-2021-22329date:2021-07-07T11:34:52.937

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-84913date:2021-11-08T00:00:00
db:VULMONid:CVE-2021-22329date:2021-06-29T00:00:00
db:JVNDBid:JVNDB-2021-008864date:2022-03-29T00:00:00
db:CNNVDid:CNNVD-202106-1957date:2021-06-29T00:00:00
db:NVDid:CVE-2021-22329date:2021-06-29T20:15:08.083