Details of VAR-202110-1417

ID

VAR-202110-1417

CVE

CVE-2021-22406

TITLE

Huawei Vulnerabilities in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2021-014460

DESCRIPTION

There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Huawei Smartphones have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-22406 // JVNDB: JVNDB-2021-014460 // VULHUB: VHN-380841

AFFECTED PRODUCTS

vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	2.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	magic ui	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-014460 // NVD: CVE-2021-22406

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22406
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-22406
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202110-2037
value:	HIGH
Trust: 0.6
VULHUB:	VHN-380841
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-22406
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-380841
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22406
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22406
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-380841 // JVNDB: JVNDB-2021-014460 // CNNVD: CNNVD-202110-2037 // NVD: CVE-2021-22406

PROBLEMTYPE DATA

problemtype:	CWE-755	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-014460 // NVD: CVE-2021-22406

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-2037

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-2037

PATCH

title:	HUAWEI EMUI/Magic UI security updates July 2021	url:	https://consumer.huawei.com/en/support/bulletin/2021/7/	Trust: 0.8
title:	Huawei Smartphone Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168386	Trust: 0.6

sources: JVNDB: JVNDB-2021-014460 // CNNVD: CNNVD-202110-2037

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22406	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-014460	Trust: 0.8
db:	CNNVD	id:	CNNVD-202110-2037	Trust: 0.6
db:	VULHUB	id:	VHN-380841	Trust: 0.1

sources: VULHUB: VHN-380841 // JVNDB: JVNDB-2021-014460 // CNNVD: CNNVD-202110-2037 // NVD: CVE-2021-22406

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2021/7/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22406	Trust: 0.8

sources: VULHUB: VHN-380841 // JVNDB: JVNDB-2021-014460 // CNNVD: CNNVD-202110-2037 // NVD: CVE-2021-22406

SOURCES

db:	VULHUB	id:	VHN-380841
db:	JVNDB	id:	JVNDB-2021-014460
db:	CNNVD	id:	CNNVD-202110-2037
db:	NVD	id:	CVE-2021-22406

LAST UPDATE DATE

2024-08-14T15:06:39.016000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-380841	date:	2021-11-02T00:00:00
db:	JVNDB	id:	JVNDB-2021-014460	date:	2022-10-19T03:59:00
db:	CNNVD	id:	CNNVD-202110-2037	date:	2021-11-03T00:00:00
db:	NVD	id:	CVE-2021-22406	date:	2023-08-08T14:21:49.707

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-380841	date:	2021-10-28T00:00:00
db:	JVNDB	id:	JVNDB-2021-014460	date:	2022-10-19T00:00:00
db:	CNNVD	id:	CNNVD-202110-2037	date:	2021-10-28T00:00:00
db:	NVD	id:	CVE-2021-22406	date:	2021-10-28T13:15:08.680