Details of VAR-202106-1923

ID

VAR-202106-1923

CVE

CVE-2021-22337

TITLE

Huawei Vulnerability in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2021-007573

DESCRIPTION

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data. Huawei There are unspecified vulnerabilities in smartphones.Information may be obtained. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

Trust: 1.71

sources: NVD: CVE-2021-22337 // JVNDB: JVNDB-2021-007573 // VULHUB: VHN-380772

AFFECTED PRODUCTS

vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	2.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.1	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	emui	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-007573 // NVD: CVE-2021-22337

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22337
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-22337
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202106-251
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-380772
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-22337
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-380772
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22337
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22337
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-380772 // JVNDB: JVNDB-2021-007573 // CNNVD: CNNVD-202106-251 // NVD: CVE-2021-22337

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-007573 // NVD: CVE-2021-22337

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-251

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202106-251

PATCH

title:	Huawei EMUI/Magic UI security updates April 2021	url:	https://consumer.huawei.com/en/support/bulletin/2021/4/	Trust: 0.8
title:	HuaWei Repair measures for security vulnerabilities in Huawei smartphones	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152911	Trust: 0.6

sources: JVNDB: JVNDB-2021-007573 // CNNVD: CNNVD-202106-251

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22337	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-007573	Trust: 0.8
db:	CNNVD	id:	CNNVD-202106-251	Trust: 0.7
db:	VULHUB	id:	VHN-380772	Trust: 0.1

sources: VULHUB: VHN-380772 // JVNDB: JVNDB-2021-007573 // CNNVD: CNNVD-202106-251 // NVD: CVE-2021-22337

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2021/4/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22337	Trust: 1.4

sources: VULHUB: VHN-380772 // JVNDB: JVNDB-2021-007573 // CNNVD: CNNVD-202106-251 // NVD: CVE-2021-22337

SOURCES

db:	VULHUB	id:	VHN-380772
db:	JVNDB	id:	JVNDB-2021-007573
db:	CNNVD	id:	CNNVD-202106-251
db:	NVD	id:	CVE-2021-22337

LAST UPDATE DATE

2024-08-14T14:03:08.367000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-380772	date:	2021-12-09T00:00:00
db:	JVNDB	id:	JVNDB-2021-007573	date:	2022-02-17T05:10:00
db:	CNNVD	id:	CNNVD-202106-251	date:	2021-06-11T00:00:00
db:	NVD	id:	CVE-2021-22337	date:	2021-12-09T17:57:49.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-380772	date:	2021-06-03T00:00:00
db:	JVNDB	id:	JVNDB-2021-007573	date:	2022-02-17T00:00:00
db:	CNNVD	id:	CNNVD-202106-251	date:	2021-06-03T00:00:00
db:	NVD	id:	CVE-2021-22337	date:	2021-06-03T20:15:08.530