Details of VAR-202111-1586

ID

VAR-202111-1586

CVE

CVE-2021-37029

TITLE

Huawei Vulnerabilities in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2021-015559

DESCRIPTION

There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. Huawei Smartphones have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei Emui is a mobile operating system developed based on Android. Magic Ui is a mobile operating system developed based on Android. Authentication vulnerabilities exist in Huawei Emui and Magic UI

Trust: 1.71

sources: NVD: CVE-2021-37029 // JVNDB: JVNDB-2021-015559 // VULHUB: VHN-398861

AFFECTED PRODUCTS

vendor:	huawei	model:	emui	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	emui	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-015559 // NVD: CVE-2021-37029

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-37029
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-37029
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202111-1893
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-398861
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-37029
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-398861
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-37029
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2021-37029
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-398861 // JVNDB: JVNDB-2021-015559 // CNNVD: CNNVD-202111-1893 // NVD: CVE-2021-37029

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-015559 // NVD: CVE-2021-37029

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-1893

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202111-1893

PATCH

title:	HUAWEI EMUI/Magic UI security updates August 2021	url:	https://consumer.huawei.com/en/support/bulletin/2021/8/	Trust: 0.8
title:	Huawei HarmonyOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=172191	Trust: 0.6

sources: JVNDB: JVNDB-2021-015559 // CNNVD: CNNVD-202111-1893

EXTERNAL IDS

db:	NVD	id:	CVE-2021-37029	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-015559	Trust: 0.8
db:	CNNVD	id:	CNNVD-202111-1893	Trust: 0.6
db:	CNVD	id:	CNVD-2021-102865	Trust: 0.1
db:	VULHUB	id:	VHN-398861	Trust: 0.1

sources: VULHUB: VHN-398861 // JVNDB: JVNDB-2021-015559 // CNNVD: CNNVD-202111-1893 // NVD: CVE-2021-37029

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2021/8/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37029	Trust: 1.4

sources: VULHUB: VHN-398861 // JVNDB: JVNDB-2021-015559 // CNNVD: CNNVD-202111-1893 // NVD: CVE-2021-37029

SOURCES

db:	VULHUB	id:	VHN-398861
db:	JVNDB	id:	JVNDB-2021-015559
db:	CNNVD	id:	CNNVD-202111-1893
db:	NVD	id:	CVE-2021-37029

LAST UPDATE DATE

2024-08-14T14:55:44.676000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-398861	date:	2021-12-09T00:00:00
db:	JVNDB	id:	JVNDB-2021-015559	date:	2022-11-24T06:43:00
db:	CNNVD	id:	CNNVD-202111-1893	date:	2021-12-01T00:00:00
db:	NVD	id:	CVE-2021-37029	date:	2021-12-09T17:57:49.587

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-398861	date:	2021-11-23T00:00:00
db:	JVNDB	id:	JVNDB-2021-015559	date:	2022-11-24T00:00:00
db:	CNNVD	id:	CNNVD-202111-1893	date:	2021-11-23T00:00:00
db:	NVD	id:	CVE-2021-37029	date:	2021-11-23T16:15:09.667