CVE-2021-22398 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2021-22398

Analyzed

More Info Official Page

Source-psirt@huawei.com

Published At-02 Aug, 2021 | 17:15

Updated At-11 Aug, 2021 | 15:21

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1).

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.6	MEDIUM	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:N

CPE Matches

Huawei Technologies Co., Ltd.

>>hulk-al00c_firmware>>9.1.1.201\(c00e201r8p1\)

cpe:2.3:o:huawei:hulk-al00c_firmware:9.1.1.201\(c00e201r8p1\):*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>hulk-al00c>>-

cpe:2.3:h:huawei:hulk-al00c:-:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>jennifer-an00c_firmware>>10.1.1.171\(c00e170r6p3\)

cpe:2.3:o:huawei:jennifer-an00c_firmware:10.1.1.171\(c00e170r6p3\):*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>jennifer-an00c>>-

cpe:2.3:h:huawei:jennifer-an00c:-:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>jenny-al10b_firmware>>10.1.0.228\(c00e220r5p1\)

cpe:2.3:o:huawei:jenny-al10b_firmware:10.1.0.228\(c00e220r5p1\):*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>jenny-al10b>>-

cpe:2.3:h:huawei:jenny-al10b:-:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>oxfordpl-an10b_firmware>>10.1.0.116\(c00e110r2p1\)

cpe:2.3:o:huawei:oxfordpl-an10b_firmware:10.1.0.116\(c00e110r2p1\):*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>oxfordpl-an10b>>-

cpe:2.3:h:huawei:oxfordpl-an10b:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-863	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-smartphone-en	psirt@huawei.com	Vendor Advisory