All the vulnerabilites related to huawei - imanager_neteco
Vulnerability from fkie_nvd
Published
2019-09-17 16:15
Modified
2024-11-21 04:27
Severity ?
Summary
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86915AE6-B1BF-4707-934A-4D9C4C8D055A",
"versionEndExcluding": "3.16.74",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7DCE8F-B46F-4805-8149-EC96FA1AE7C0",
"versionEndExcluding": "4.4.193",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E6AA2E-1B41-4254-BF88-FFBBD289D6F5",
"versionEndExcluding": "4.9.193",
"versionStartIncluding": "4.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B03599FC-6BB3-49F9-9FD8-1EB0A1194233",
"versionEndExcluding": "4.14.144",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C302EBC-2256-44A4-8BD3-5BCB2FA5F6F6",
"versionEndExcluding": "4.19.73",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA36BC1-A7F2-44F3-930A-EAF173B9E604",
"versionEndExcluding": "5.2.15",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8AA5A5-E882-4063-B2BB-C2268685060E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "952F55C9-7E7C-4539-9D08-E736B3488569",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_a700s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F92D596-810D-414E-8AF9-1EC271648D16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D96CBB4-2B07-4E8C-AFBD-32A5470ED1F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80A6BDDA-17BE-4EE5-BEFC-F24235A3C9F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F5761B-B747-4110-9849-B6D4C14B24A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09B76C01-3DA1-461D-98F2-4858AF542D84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E5A63-DA59-4582-9D38-26E9225B0BA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EEA523F-E92B-459F-9811-1E71EA9FF362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4738C27A-A24C-44E0-96DF-81812473ECC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5EBA781-49D3-4CBB-914E-8A56D61FC322",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D033CBC9-59FE-48D6-9D30-C4895FB957B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF46487-B64A-454E-AECC-D74B83170ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "146A767F-DC04-454B-9913-17D3A2B5AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E92F9B3-3841-4C05-88F0-CEB0735EA4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:imanager_neteco:v600r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B6EEA9-4E22-49F8-97E3-10E56EA8CBE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:imanager_neteco:v600r009c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2E60B0-BE2D-4ABF-9F1A-07FA98F5743E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c10spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "75DEAA37-7889-4FE6-B606-BB354625231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "AE14BF0B-0641-4CB2-A9B9-8AAE5AAAB6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B85321E0-8B1B-452B-A1AE-D8BB85C18CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.0.spc100.b210:*:*:*:*:*:*:*",
"matchCriteriaId": "A042DB25-3D29-4C0A-89C7-70E53AB5A78A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1rc1.b060:*:*:*:*:*:*:*",
"matchCriteriaId": "B07551BB-2540-403E-83DC-E61BCFA15046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1rc1.b080:*:*:*:*:*:*:*",
"matchCriteriaId": "A42D0C34-C616-4AE5-853D-1353DC2C26A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.rc2.b050:*:*:*:*:*:*:*",
"matchCriteriaId": "58E84BB6-76BA-4833-83C3-2DA35E8DB7C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel\u0027s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo de desbordamiento de b\u00fafer, en las versiones desde 2.6.34 hasta 5.2.x, en la manera en que la funcionalidad vhost del kernel de Linux que traduce los b\u00faferes virtueue en IOV, registraba los descriptores del b\u00fafer durante una migraci\u00f3n. Un usuario invitado privilegiado capaz de pasar descriptores con una longitud no v\u00e1lida hacia el host cuando la migraci\u00f3n est\u00e1 en marcha, podr\u00eda usar este fallo para aumentar sus privilegios sobre el host."
}
],
"id": "CVE-2019-14835",
"lastModified": "2024-11-21T04:27:27.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.6,
"impactScore": 6.0,
"source": "secalert@redhat.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-17T16:15:10.980",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/24/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2854"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2862"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2863"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2864"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2865"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2866"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2867"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2869"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2889"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2899"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2900"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2901"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2924"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/41"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4135-1/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4135-2/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4531"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/17/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/41"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4135-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4135-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/17/1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 01:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | imanager_neteco_6000_firmware | v600r010c00cp2001 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00cp2002 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc100 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc110 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc120 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc200 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc210 | |
| huawei | imanager_neteco_6000_firmware | v600r010c00spc300 | |
| huawei | imanager_neteco_6000 | - | |
| huawei | imanager_neteco_firmware | v600r009c00spc100 | |
| huawei | imanager_neteco_firmware | v600r009c00spc110 | |
| huawei | imanager_neteco_firmware | v600r009c00spc120 | |
| huawei | imanager_neteco_firmware | v600r009c00spc190 | |
| huawei | imanager_neteco_firmware | v600r009c00spc200 | |
| huawei | imanager_neteco_firmware | v600r009c00spc201 | |
| huawei | imanager_neteco_firmware | v600r009c00spc202 | |
| huawei | imanager_neteco_firmware | v600r009c00spc210 | |
| huawei | imanager_neteco | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00cp2001:*:*:*:*:*:*:*",
"matchCriteriaId": "57B9F1D8-043C-4F35-B82E-1B058A0E3E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00cp2002:*:*:*:*:*:*:*",
"matchCriteriaId": "5179F24D-E60C-4E2B-A7B7-E449B1A23EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "497DA2B2-A223-4DF4-8318-4D61A07DE89E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc110:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EABC8D-CF29-4EE8-AB12-52FD319E0451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc120:*:*:*:*:*:*:*",
"matchCriteriaId": "4868DB43-AAC0-4709-A624-5DEC440DC467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF23C0E-13A5-4048-BEF5-327914421B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc210:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4DC23A-5740-49FA-9357-31FD557A0CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:v600r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "18F19C7B-95A2-4E09-ABC0-0CFA84C0085E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8CFC69-D6E8-4163-AE0F-B85693F2555D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "485BDF37-6661-4BE6-9E8F-81789438BE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc110:*:*:*:*:*:*:*",
"matchCriteriaId": "E57422AB-3A4A-4607-BD5F-F2202DC98DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc120:*:*:*:*:*:*:*",
"matchCriteriaId": "A81E5DA2-A22D-4709-A6A1-BF1E9E4FE90F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc190:*:*:*:*:*:*:*",
"matchCriteriaId": "7E6BEE4A-AFD0-4618-8A0C-98FB34578924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEDC6F2-9B47-4CD7-922F-F1E44E70D3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc201:*:*:*:*:*:*:*",
"matchCriteriaId": "369D1CB7-F518-4FDA-8B91-5175AEBF8A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc202:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7E8838-96CF-4ACF-A40A-11C89D2D3289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:v600r009c00spc210:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC54B6E-69E3-4DDD-B2C3-22159285DE83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96479E8-2B4F-4149-B61B-79ECD0524A01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en la administraci\u00f3n de firmas en algunos productos de Huawei. Un atacante puede falsificar la firma y omitir la comprobaci\u00f3n de la misma. Durante el proceso de actualizaci\u00f3n del firmware, una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que el archivo de sistema forjado sobrescriba el archivo de sistema correcto. Las versiones de producto afectadas incluyen: iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300; iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210"
}
],
"id": "CVE-2021-37127",
"lastModified": "2024-11-21T06:14:41.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.710",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 01:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b060:*:*:*:*:*:*",
"matchCriteriaId": "24872541-A493-48BD-AA2C-7A976FF75F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc1.b070:*:*:*:*:*:*",
"matchCriteriaId": "D962B0A1-0725-4A6F-99EB-E6E42F03243B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b020:*:*:*:*:*:*",
"matchCriteriaId": "61EC963F-1160-43D4-B4E4-2CC2B209B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b030:*:*:*:*:*:*",
"matchCriteriaId": "2B7820BE-0307-40F3-A7BD-66D5B8C7A0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b040:*:*:*:*:*:*",
"matchCriteriaId": "AD086E38-D1F5-4160-A7A2-12E681F686CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b050:*:*:*:*:*:*",
"matchCriteriaId": "035E4DF1-4B17-448B-8A78-CD81F68D38CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b060:*:*:*:*:*:*",
"matchCriteriaId": "DDDB5BDF-9760-4EE6-947D-A633B9CC0D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b070:*:*:*:*:*:*",
"matchCriteriaId": "31787857-76F6-4E80-82B7-56B1C12B6628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1:rc2.b090:*:*:*:*:*:*",
"matchCriteriaId": "73901E08-8C24-46FB-A42D-6457630AA6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b010:*:*:*:*:*:*",
"matchCriteriaId": "463A4059-55EF-4862-B8AD-90DCAC0CC871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*",
"matchCriteriaId": "4042FC49-4FC7-46B4-8D14-ECACF22A9860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*",
"matchCriteriaId": "A4D8799F-9ADD-442F-BC39-4BCAFBFFBE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*",
"matchCriteriaId": "535597A4-29C8-44A8-9008-4F4E10030531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc100.b050:*:*:*:*:*:*",
"matchCriteriaId": "C59C64B0-D42D-4515-BD2B-4FE5C7F48BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b010:*:*:*:*:*:*",
"matchCriteriaId": "698B071C-FC52-40CD-BBA7-53426051F504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b040:*:*:*:*:*:*",
"matchCriteriaId": "F6461FE1-99CC-48E4-8134-F17D895511F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200:*:*:*:*:*:*",
"matchCriteriaId": "FE5AE38A-627F-4337-949D-A5811D6859EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b010:*:*:*:*:*:*",
"matchCriteriaId": "29FEC933-0E52-496B-A2B3-C84E65E5B430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b030:*:*:*:*:*:*",
"matchCriteriaId": "16F30BF5-4510-4AC7-8B12-6D4126C2DC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b040:*:*:*:*:*:*",
"matchCriteriaId": "37090D37-0CDF-464B-9509-4F465D20C8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b050:*:*:*:*:*:*",
"matchCriteriaId": "83B2B033-F12C-487E-8245-3F5BBF59BBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b060:*:*:*:*:*:*",
"matchCriteriaId": "1ADF4433-A950-4A00-A4F7-12F766B4C947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b070:*:*:*:*:*:*",
"matchCriteriaId": "7FF3EB4D-6892-4572-B1D6-6183FE8B8D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EFA5EBB8-C174-4CF0-ADE6-15B62C10DD86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcn080:*:*:*:*:*:*",
"matchCriteriaId": "EF638B61-21C2-4BCF-8EDA-549073776C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*",
"matchCriteriaId": "E9090F1E-EF60-4E54-9885-7F6B1681DE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "51E51969-9D4D-4A58-BEBD-19F4BD64BC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2A1E9FF8-C0A4-47A5-9738-4D0ADB35DAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*",
"matchCriteriaId": "7EDE7C94-7E89-45E6-8A79-32E53D9139DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47A8E919-FAC0-4011-927F-599AA7688A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2001:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5DA70B-2B2A-4D66-8D45-D37B0128DC01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp2002:*:*:*:*:*:*:*",
"matchCriteriaId": "47D66420-5D94-4757-BCDA-878628D83201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3001:*:*:*:*:*:*:*",
"matchCriteriaId": "27280804-63DD-416E-98E1-D68827A8B25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3002:*:*:*:*:*:*:*",
"matchCriteriaId": "135682EE-750C-40E5-B670-3413F75CA9BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3101:*:*:*:*:*:*:*",
"matchCriteriaId": "E138CC11-2FCF-49D6-A5D9-1640E6EB7DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00cp3102:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D15126-6131-45DA-943B-3B5246C1DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "DF27593A-5B5D-42F8-8826-7B5AE71D0017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc110:*:*:*:*:*:*:*",
"matchCriteriaId": "B61166A9-71C0-4DAD-B12A-09E60BC2185A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc120:*:*:*:*:*:*:*",
"matchCriteriaId": "65650D52-CF29-4A80-B026-FFC758AEE209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "E09E6692-73D6-4EAE-902B-B1C04EA707C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc210:*:*:*:*:*:*:*",
"matchCriteriaId": "74B4D132-7977-4137-A5E3-3730FE63CC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7DC28E-0473-4D40-BF89-E90983070F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:v600r010c00spc310:*:*:*:*:*:*:*",
"matchCriteriaId": "58E64AEF-5493-40D8-B992-3E6BEA38AE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2201:*:*:*:*:*:*:*",
"matchCriteriaId": "66B67DA3-781D-47BA-941B-475DB4D8EDF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00cp2301:*:*:*:*:*:*:*",
"matchCriteriaId": "15AAA803-8D92-44A7-B199-8847F39DB9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F48421A9-58FC-4144-AE9F-9B82818EF62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc110:*:*:*:*:*:*:*",
"matchCriteriaId": "41237B91-3778-48C7-BBDD-A56957390F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc120:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B056BA-73D9-4E1A-B865-838D3CEB47B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc190:*:*:*:*:*:*:*",
"matchCriteriaId": "84300143-1A0C-4172-BAC3-AFDAC85C7F2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A355E-DEAD-49E7-8A3E-3D474525EB5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc201:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8B49FD-1F1C-42D6-B65A-839D0719F23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc202:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAF9CE1-6489-4DF9-A559-803291CA2A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc210:*:*:*:*:*:*:*",
"matchCriteriaId": "94B7FBF4-57D3-4F15-B614-FF4A707F85D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc220:*:*:*:*:*:*:*",
"matchCriteriaId": "9E007CA7-E6E2-4391-9889-9029C8EDEC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc221:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5A03CC-A585-4DD1-B6DD-7B126E3D616D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc230:*:*:*:*:*:*:*",
"matchCriteriaId": "0A387DDE-C053-45A1-BE44-E643CAB35B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:v600r009c00spc232:*:*:*:*:*:*:*",
"matchCriteriaId": "50B76F15-9FE3-41C1-80A8-68CAAEBB6D71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n CSV en ManageOne, iManager NetEco e iManager NetEco 6000. Un atacante con altos privilegios puede explotar esta vulnerabilidad mediante algunas operaciones para inyectar los archivos CSV. Debido a una comprobaci\u00f3n de entrada insuficiente de algunos par\u00e1metros, el atacante puede explotar esta vulnerabilidad para inyectar archivos CSV en el dispositivo de destino"
}
],
"id": "CVE-2021-37131",
"lastModified": "2024-11-21T06:14:42.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.863",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-14 17:15
Modified
2024-11-21 04:51
Severity ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:blackberry:blackberry:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8239084-1BAF-48F8-A57C-BEB0036DA346",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47E54551-6C9D-4E0C-AE9F-7585B0513B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E84CE847-550E-445B-8972-2FB5BCF6B04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "04D7DAFB-DEE4-4A71-A27C-0E34426AACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCF5B87-0AAD-4030-B439-B58990ED31DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "655F7FDF-5E6F-4984-8EBA-95B49BB14A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73DE60EC-0D7E-4D02-B7F1-AA0799088FE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host_eus:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9708C6C-5DD1-43D8-8BD4-71BAFC3C997B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D067B04-CDF9-4395-83FA-17145267BA18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5749E2F6-8B59-439C-9E60-49466C2DD157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F8F038-6115-445E-AFCB-974BAAEBD876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"matchCriteriaId": "36E85B24-30F2-42AB-9F68-8668C0FCC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CB3640-F55B-4127-875A-2F52D873D179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E082C33-2F83-4AF1-A91D-94EF05DE98A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "803D7386-1E7C-451E-A52F-91B6039BB97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1995855A-1883-412D-B629-5436E881FF08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A577297-C186-4CC4-A67D-DE7AB46FC08F",
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43F6F4AE-1938-4E92-8DBD-A80B703EDCA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27438A38-0793-4719-BEB2-2CC44553E058",
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C56298B1-7923-44E1-B9D5-78C030792209",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-tl00c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F34FF7B9-D8B6-4C2E-A9E6-CBF407F60DDF",
"versionEndExcluding": "9.1.0.165\\(c01e165r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-tl00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D3E8A-E271-4857-BC1F-DBC69C564530",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:asoka-al00ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71BA8A3E-0112-4904-85A2-E483627874CA",
"versionEndExcluding": "9.1.1.181\\(c00e48r6p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:asoka-al00ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2C06DA-9060-468D-A89F-F5C5EE3297E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l33_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B380CA3-F13A-427D-874B-B8D632DDF5AB",
"versionEndExcluding": "8.0.0.147\\(c605custc605d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F378F7-5CE8-4499-8537-6FD99026DB6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l41_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B15BAD-ACCC-44D7-A942-3E5DAFE1ED1C",
"versionEndExcluding": "8.0.0.153\\(c461custc461d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l41:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1129F1-BE98-456D-AB43-DFC5859635DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l42_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "697C30E8-BB17-44F3-8DA4-AEF9D15222ED",
"versionEndExcluding": "8.0.0.155\\(c636custc636d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73932E23-6868-4A1C-B1CC-8F4E36A7114A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7282513-0D84-4A2D-A4DC-491C8F4C7184",
"versionEndExcluding": "9.1.0.329\\(c786e320r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D6D9B-335B-404C-88F3-590DF9E5D878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8979842F-0AD8-47BA-87A1-02F13EB145EA",
"versionEndExcluding": "9.1.0.300\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00BED6E8-D790-4A57-AA1E-4A2D04832594",
"versionEndExcluding": "9.1.0.329\\(c01e320r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4035199-8628-468D-BE58-17892D063357",
"versionEndExcluding": "8.0.0.366\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FA823EC-2A56-4C48-8FB5-317B6ED81E40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82D57889-9678-4A25-B352-65A99104B72E",
"versionEndExcluding": "9.1.0.332\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36EF5C3-FF4A-4849-97C3-FD4BC05FBCD5",
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE70011-5F76-460B-ABB5-7C738B0AB2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cairogo-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1EFD33-BC40-4DB6-B2CB-FFA616B6A65B",
"versionEndExcluding": "cairogo-l22c461b153",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cairogo-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "700FA8F3-B729-44E2-B56F-D80292BF460F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A8F9DA-FF8D-40C5-9CD4-66AF719DC1AC",
"versionEndExcluding": "9.1.0.311\\(c605e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B37F0AE0-C461-4B70-B790-9606E2D27E0F",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F63CA2F-45B8-4DD3-81AE-8359929AE50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3905BE38-3C2C-4B0D-B804-15A87B9DA244",
"versionEndExcluding": "9.1.0.335\\(c675e8r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF16336-9CFE-4D67-852B-4C356E3C5951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7B01B2-E3BA-49CF-B651-85404988A481",
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-tl00d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25176953-B380-49C7-BE67-A4053DCEBADB",
"versionEndExcluding": "8.1.0.186\\(c01gt\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE1BB06-0403-4F46-AF76-DAD85D538907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C41EF-6F24-4477-A32F-BEE404E4388E",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5193B7-6F3F-4249-BB74-62480893CAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344A5958-037B-4AB5-8B8E-A4FC948C95A7",
"versionEndExcluding": "9.1.0.363\\(c675e3r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BB30EE-ECCE-4697-A990-F910F3B5C2B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00ind_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAC1975-0955-42EF-8242-52BEE2BDE008",
"versionEndExcluding": "8.2.0.141\\(c675custc675d1gt\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34AECCA8-6B67-4DF5-A6C9-A6F333664950",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al10ind_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C87563-3724-4B7F-8F33-C0B09694B164",
"versionEndExcluding": "9.1.0.363\\(c675e2r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al10ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9A40E-51BC-458D-ADE6-EA680F23F2B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5589A1A9-0214-4391-BBD2-932FF53B2002",
"versionEndExcluding": "9.1.0.336\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D952E67-D771-48DF-A4A9-69D6FFABE2CE",
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F60E9A-0ACB-4E44-ADFB-771C695FCF08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dubai-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6995D12-C03B-4380-BCE8-5DE2DC97E198",
"versionEndExcluding": "8.2.0.190\\(c00r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dubai-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A1EE4A-1539-4FD7-B5D8-D3725CB3A843",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE2E6C4-BADF-4215-B31E-CCF399270B83",
"versionEndExcluding": "1.0.0.182\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC591FA6-55E1-4628-AE43-CD1E2A4980E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dura-tl00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86C43B18-C1BF-4DB9-92D2-D9E333F73CE3",
"versionEndExcluding": "1.0.0.176\\(c01\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dura-tl00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E269DC2-682C-49B7-8492-F8622572C785",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF895541-98C9-4520-9CAF-36CA963F9BA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3631A567-0F95-4477-B2DC-D1B09736140D",
"versionEndExcluding": "9.1.0.338\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D28EB2-8919-4AD2-8455-194B8AB14FFB",
"versionEndExcluding": "9.1.0.160\\(c605e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D1377E-92E6-472A-9734-D5DA1C8319A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\\(c652\\):*:*:*:*:*:*:*",
"matchCriteriaId": "05C2AFA5-D4B0-414D-8894-7DBF020C3A40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFFCE6B-14C3-459B-B7CB-B8380AAAD19F",
"versionEndExcluding": "9.1.0.130\\(c01e115r2p8t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88BDA8C0-CD09-418F-A334-E54B8E458D05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AED8A17-5120-4F1F-819B-C2592FC73411",
"versionEndExcluding": "9.1.0.128\\(c00e112r1p6t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF7DFEE-5C99-4C65-B3D8-AEE21E81A6BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE9BC91-0596-483E-8D2C-431A72A56797",
"versionEndExcluding": "9.1.0.150\\(c185e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CD5EEC-DA40-4B35-A2CD-6F48147F0810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F91DCF-B3DF-4087-A608-0E6A06DE6FA4",
"versionEndExcluding": "9.1.0.150\\(c636e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1387541-860F-43AE-809B-AFA9338DC378",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6498D22-6C7C-4E66-BAD7-20CFC297FBF5",
"versionEndExcluding": "9.1.0.154\\(c605e7r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2DAC5-FD49-4DC2-854E-71DACE1BC643",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E7E0ED-EB2E-4A55-B81D-8ECE3FD3AE58",
"versionEndExcluding": "9.1.0.128\\(c01e112r1p6t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4776C729-200A-4D86-B635-185B65FC2570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFA597A-ECA8-49E5-A1D9-44E1D1E51DD1",
"versionEndExcluding": "9.1.0.143\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A12E685-F91D-4C04-82C5-61A9BA317A42",
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3FB528-5C26-446F-9985-E325AB87203B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483669DB-D71C-48BD-BA29-B971C4D423A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18031A60-6047-43E5-A75D-4BF44532EFBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AE3143-67EB-49B3-8B1D-DB34CCE3829C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E3D35A-F979-48D0-92F8-1DBFF7BD2562",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B141C85-AFD2-4D7C-8B72-A065B3C905F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67931720-1EED-43CB-BB7B-BC0CCA773AC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F53673-A878-4935-A992-E6F61D41FD24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE96D0C4-D43B-4AB3-A712-45F4F7F17BB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A26F9E66-8070-4884-87D1-BD87E189B10C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y5_2018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BECFA24-FBD8-4320-B5C9-CDD3D5338582",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y5_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFBD5328-0BFF-49F7-B2EC-E73BC6D41FF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y5_lite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6AA13E-9801-401E-8E86-EE48C9BA5CAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y5_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA384300-C2B6-43B8-98F1-94488DA6CB06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB50358-E75A-4B53-8780-D46F9D8B0F54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7053C3-4EB2-438E-9544-41ACF7A91057",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_prime_2018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EA662-A8E3-45E5-A4C6-8C5E12AEA2E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_prime_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4033E6E-FFFA-40D5-9AB9-D1497AB5C314",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_pro_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED2D400-55BD-437F-A98C-1E3299590B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1F9660-41E0-4536-8032-57AD3E844A94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y7_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B60AB519-4416-44F6-BF9D-20E24BA0B502",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y7_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5510EA-9A5A-4F72-AE40-AACFE58D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y9_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A87C804-7DAA-47E2-A587-1D7541462BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBC9263-82BB-4B33-B682-A7B1A65D1577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF68FFB0-01F8-4937-8BF4-36866F02E9A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE87ADA6-7085-4ADA-B8F7-D863A1765580",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07D1E240-F1DE-4FC0-84B7-873978A9A6B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94DF684B-8BDD-4035-A8C7-2B565544CB81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF67964-B009-4209-B281-49055829BB4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_5i_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BED229-03B1-43C2-9239-DAA5C9BD4F40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_5i_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C9D864-8A1E-475B-94B3-522D23D91288",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28304195-13E1-4757-B07C-34FBA1DDA061",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A46BA4B6-A387-4D51-9278-CABE5E2C224B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF9FAC4-0A8C-463C-8E5C-64E33D145E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41532B6-FE2A-4174-B1AA-074F08B64DEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2BE361-1412-455E-A553-0CA9D14E4C1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-tl00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5067B8-4862-48CB-B6A2-E3191314EED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E31013C1-26DA-4A6D-BBD4-BF0630EEEB66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F68969-FB0A-4B51-9F67-DE5021EFABAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_10_lite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFF1E9-D82D-4301-87FD-A8B6B7C9B75F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A298082-CC80-4316-9AEB-9E8F8B52EE88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB09814B-81B3-4236-B3AE-EAE800678D2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B72EBDE-1020-4177-BFC0-2E968FB17C29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E788B81C-69DB-4A13-AC70-1E17120CB82E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEA5A51-8067-4160-B115-085A529CD987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jakarta-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6067DA42-ECDC-4D11-813F-9C67CC8055AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44E124FE-9F3E-4A89-9DFB-2ACEF751BA82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8A8714-83BD-49B7-86E8-3224DD02344E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "566629E0-84F2-4DFA-A20E-2D20C472E4B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79F89951-0A96-4424-B1E3-30488876BDF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0075F84C-492C-408D-941B-274A0A0C3B82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:katyusha-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0B00D-B846-4771-9D3B-4ACE59DD0C5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:katyusha-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E3A00A-6EB8-4E04-B1BC-E7663C9C1EA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4A88E4-D37E-49CC-B4A4-86CBD030131E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l21a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6A6123-2AC6-407F-8D1C-8A148889946E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A663ACC5-FC2D-4FD7-BA9E-55344E257D4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l31a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "697FC0BE-4EE7-41B1-B19D-6BB1377C81A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l31a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "059598D5-E1FC-4727-A29C-5904FDFA4EA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l32a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE3288B-7A63-474E-9CF6-A78C74AA2049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7704B5F-4164-477C-A528-2998092C81D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l32c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBA5685-AB27-4BB2-BF66-8DDEA4B25158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F935A0-E7B2-4281-8D36-EB19358061D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l42a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6983D6A-DE3C-43F5-B827-665F979E127D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l42a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C03D17FC-0921-41D2-B193-26163AEFE8F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l42c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C067242F-C4BC-4EB2-86A5-FA508241C29D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l42c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D10E950B-FDF6-4E22-9D88-60D0225466E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-tl10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E8438F-9D3B-4565-AC01-AC4729B4C2A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB8A667-95DE-4087-8418-49F5ACE194BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-tl10c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A9BC1A3-62D9-4C51-A850-C44DC5A7DA61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11CB58EA-972E-460F-95F4-5413E05DA04C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5C8248-26DB-4423-A6C9-56788C9ED5CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD659D6-F838-4668-901A-0C17AB18E7C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D184ED2-0C47-41A5-9DDB-E0872249D080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68BCAF57-9BF8-4EB0-B6FB-1B40737FFC9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al10d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD41E18-2981-43FF-8FF5-41EE3775DC6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F33CAF53-20C8-4AB2-B728-80B6F7B5FA2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ADF3A6-9F52-4BFF-8FFB-E60E971AF98D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "842AB2B6-2C7A-4681-ACB7-E642E5D9D76D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D29D20-4F3B-4B6B-90AC-315652E47DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80D7FA39-2EE4-49F8-9EF4-009304DB6108",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A24E0E52-6C3B-4B4B-8F32-9467B9E56CB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A956F54-5B4B-4103-BA45-88F8FF7D9FD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:london-al40ind_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EAB36F5-50CC-4A8C-94D3-F0E001BDEC7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:london-al40ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9452809-D19E-4B63-9B84-BBD8AB4485E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:madrid-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA8110C-64B9-4346-9E46-44E87778EA2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:madrid-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8B2A97-DA47-40C8-8DB5-1AE1A89559A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:madrid-tl00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4137623C-6736-44C9-8446-22CE5DE10797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:madrid-tl00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00EE1329-D545-43F2-8D14-CBA53F3F8EFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:neo-al00d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65161544-ACCE-4281-9B15-DD1A732A6218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B07FEC-514D-4A51-B26B-02254A867DC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-al00ic_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "368F7A8F-B0F4-4E5C-ADB2-5EB8D3F831C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-al00ic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042B7861-608F-4F0C-BF5E-FF2455C9BE79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "632F1A63-66BE-43AF-A0FA-968D4728E2C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3765F0-677E-48FA-8A70-8F5A69660DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21meb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0531C9-2B62-40E1-8F95-430BCD42BB34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010590E4-2979-4AE3-9B94-7C1BC5CE0533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l29b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC2BEB-0A61-4C3A-8CA4-674E5FEDC859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143485B2-5216-4190-8306-63D12362F6AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF87777-1D49-4EC9-9F5F-22090F78AF11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34141B01-DA8B-4029-B275-395AC11C40C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al10a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4E204F-462B-4743-B87B-1CB4D4DE8D29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF01A3C-2E60-45B8-8D4E-58B5710FC40C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8E4F26-E50C-4D06-A183-1BC9F1B9072F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4571D5E3-E327-4C04-939E-66B5A9D0CC18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-tl10c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E996FA3-91E7-42EF-A73F-6948A855F886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35F6A54F-E004-4BE7-A6A6-3E7C300DC498",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-al00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4118EE5-084A-4DA3-B8D4-6EAC2729A2C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A35E71-4D6A-494D-882B-987CE16E3467",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6049D750-284C-4A03-95B6-1A7A0CC21BD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21br_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF481690-3033-466D-966D-C9F65E6212A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD953016-2468-40BD-8383-9105BA297C26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5D16B5-6AC5-455D-AFD7-7E01E37DC5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40DAF023-9D20-4262-B5BE-F3C61906C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22br_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0FE590-B043-4E4D-BC72-C0163ACDC194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C17CF-D4AA-460E-815F-32FB5C8702A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-tl00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5072B124-1290-417C-ADEB-F39C294F23A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4A324E-CF87-4C79-B42A-F5B3B7CEFE6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-al00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58742692-675E-4546-AB6F-8E57ECBA7C09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DDCF56-3362-4DCD-9C7C-7D87D0F5A75D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l03_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F3A6D05-7BC6-4FCF-BAAF-53B13008F783",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "283A05FB-8A2D-4675-870A-A804B7161941",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5349FCB9-93CB-4945-96EA-89CBE613082D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l23_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5E0EB1-5CBC-420F-8F3D-43C309C75A0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58B13F37-2D12-490A-9757-2B1EDE00FB97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-tl00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F488BE9A-5B94-4D3B-9512-9BB8DA5E0391",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA51C4-E32B-4EE5-9702-339789D62213",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "562D05D2-CC9E-4973-9E8D-B40C0ED6C721",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al50a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7927B88C-7CDC-45E7-A80F-B192C0AE13ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77360A45-7501-4243-812A-D8C3403D1F03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B42EC-D142-4B36-BDFE-8091BB06B017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l61c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4168BC18-420C-42A8-B662-78D2500A4D89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l61c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C273A8B6-E86E-4E1B-8EEC-A84837B297F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-tl00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88A0C1C5-2870-4187-B899-1334572B7F87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yalep-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D2E47E-4A03-49DD-894D-35173EC98A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D81385-913B-4A38-A712-41CAE7B78DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2287FD-97E0-4A11-B650-0C292A916650",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96479E8-2B4F-4149-B61B-79ECD0524A01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3D22C1-B967-4AAD-AEE8-7357F1AF4C3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8CFC69-D6E8-4163-AE0F-B85693F2555D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7087288-2C19-4DDA-A0CD-419683391002",
"versionEndExcluding": "9.1.0.306\\(c185e2r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "126D381D-C88E-4404-9142-10002B2EB99E",
"versionEndExcluding": "9.1.0.306\\(c432e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25595943-0ED9-4CF7-99AF-373C96E9FD12",
"versionEndExcluding": "9.1.0.306\\(c636e2r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5F5DEE-631C-45B2-BEC7-CDE64F0F2077",
"versionEndExcluding": "9.1.0.307\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB64041-1B61-490E-BA4D-08F9B178CD7D",
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA96859C-81F6-4227-B228-BF6C82451A1B",
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60FA31C3-4B67-40F9-9E39-92F7E25F50A0",
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54983533-DFE0-4572-B95B-2F59247D5D28",
"versionEndExcluding": "9.1.0.325\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD911F9-31B9-4DE3-BC78-F40E4C6F1904",
"versionEndExcluding": "9.1.0.328\\(c432e5r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "510223BA-A1EC-4408-AA5B-8BD93A6C39BF",
"versionEndExcluding": "9.1.0.328\\(c782e10r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2B4309-0AA2-49A5-A103-0FD0CC893E04",
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77C9A1A-0B19-4976-8070-E3D79124C466",
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1177D77-6C80-4FAA-8AC0-AA9A0B0FA9D7",
"versionEndExcluding": "9.1.0.350\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9DF73A-C61A-4043-A4D4-61A544B41E0A",
"versionEndExcluding": "9.1.0.341\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D10206F8-D91D-4AB0-93F3-F39740DA707F",
"versionEndExcluding": "9.1.0.342\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8360DEA6-D200-4C43-B82C-A7BF86E31B9F",
"versionEndExcluding": "9.1.0.347\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9356FA3A-1DCE-4382-BDE5-B6FBBD294352",
"versionEndExcluding": "9.1.0.311\\(c461e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49A47A99-E952-4EA6-82EF-0C0099F086CF",
"versionEndExcluding": "9.1.0.325\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF430412-8A6C-4E8C-8904-D8FA39A9E36A",
"versionEndExcluding": "9.1.0.325\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7057F392-1D2F-4B69-9500-4D4BA20EC3FA",
"versionEndExcluding": "9.1.0.326\\(c635e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "392B15A3-61D7-4FE1-A514-5D0B2F7E9A11",
"versionEndExcluding": "9.1.0.328\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65F6CFE8-5071-4419-9E30-1748692EE236",
"versionEndExcluding": "9.1.0.122\\(c09e7r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB72B761-E0C1-4728-AB85-2A833420DEB8",
"versionEndExcluding": "9.1.0.137\\(c33e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1364E52C-AD75-4778-AC90-E9ADC243B507",
"versionEndExcluding": "9.1.0.137\\(c530e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A33ED9A6-9818-4EE9-A22F-750B852789C1",
"versionEndExcluding": "9.1.0.158\\(c432e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E19C3F4-998D-43C1-B371-CFECBAB5AF31",
"versionEndExcluding": "9.1.0.165\\(c10e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C0DC76-8986-449D-B098-2EB7CA4228BB",
"versionEndExcluding": "9.1.0.150\\(c432e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CD5EEC-DA40-4B35-A2CD-6F48147F0810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A950FF3A-8934-4788-AAF1-28C139EFEA63",
"versionEndExcluding": "9.1.0.149\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A12E685-F91D-4C04-82C5-61A9BA317A42",
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDADE368-D2EB-4DA9-A32E-9DE30BEE927D",
"versionEndExcluding": "9.1.0.154\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E341C6A4-BA77-4002-BC06-475ABFFEBFFB",
"versionEndExcluding": "9.1.0.154\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81C06F1A-9DAF-41EC-93D1-F61CD36D3471",
"versionEndExcluding": "9.1.0.155\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E688C7-4152-446F-AFBD-710622835A48",
"versionEndExcluding": "9.1.0.170\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4403D2-BAA4-4392-A453-5F1B28E8FA4F",
"versionEndExcluding": "9.1.0.170\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CF3193-1EB6-4792-BD23-3C1C243A3E3B",
"versionEndExcluding": "9.1.0.171\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FCD8C1-C635-4806-839E-14DC0CB3B4E2",
"versionEndExcluding": "9.1.0.172\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
},
{
"lang": "es",
"value": "La especificaci\u00f3n de Bluetooth BR/EDR incluyendo versi\u00f3n 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociaci\u00f3n de longitud de clave. Esto permite ataques pr\u00e1cticos de fuerza bruta (tambi\u00e9n se conoce como \"KNOB\") que pueden descifrar el tr\u00e1fico e inyectar texto cifrado arbitrario sin que la v\u00edctima se d\u00e9 cuenta."
}
],
"id": "CVE-2019-9506",
"lastModified": "2024-11-21T04:51:45.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "cret@cert.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-14T17:15:11.597",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-37127
Vulnerability from cvelistv5
Published
2021-10-27 00:31
Modified
2024-08-04 01:09
Severity ?
EPSS score ?
Summary
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | iManager NetEco;iManager NetEco 6000 |
Version: V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300 Version: V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager NetEco;iManager NetEco 6000",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300"
},
{
"status": "affected",
"version": "V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Signature Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:31:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager NetEco;iManager NetEco 6000",
"version": {
"version_data": [
{
"version_value": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300"
},
{
"version_value": "V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Signature Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37127",
"datePublished": "2021-10-27T00:31:45",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37131
Vulnerability from cvelistv5
Published
2021-10-27 00:29
Modified
2024-08-04 01:16
Severity ?
EPSS score ?
Summary
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ManageOne;iManager NetEco;iManager NetEco 6000 |
Version: 6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B090,8.0.0,8.0.0-LCN080,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3 Version: V600R010C00CP2001,V600R010C00CP2002,V600R010C00CP3001,V600R010C00CP3002,V600R010C00CP3101,V600R010C00CP3102,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300,V600R010C00SPC310 Version: V600R009C00CP2201,V600R009C00CP2301,V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210,V600R009C00SPC220,V600R009C00SPC221,V600R009C00SPC230,V600R009C00SPC232 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:02.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ManageOne;iManager NetEco;iManager NetEco 6000",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B090,8.0.0,8.0.0-LCN080,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3"
},
{
"status": "affected",
"version": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00CP3001,V600R010C00CP3002,V600R010C00CP3101,V600R010C00CP3102,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300,V600R010C00SPC310"
},
{
"status": "affected",
"version": "V600R009C00CP2201,V600R009C00CP2301,V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210,V600R009C00SPC220,V600R009C00SPC221,V600R009C00SPC230,V600R009C00SPC232"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSV Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:29:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ManageOne;iManager NetEco;iManager NetEco 6000",
"version": {
"version_data": [
{
"version_value": "6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC1.B070,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B090,8.0.0,8.0.0-LCN080,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3"
},
{
"version_value": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00CP3001,V600R010C00CP3002,V600R010C00CP3101,V600R010C00CP3102,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300,V600R010C00SPC310"
},
{
"version_value": "V600R009C00CP2201,V600R009C00CP2301,V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210,V600R009C00SPC220,V600R009C00SPC221,V600R009C00SPC230,V600R009C00SPC232"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSV Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37131",
"datePublished": "2021-10-27T00:29:32",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:02.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-14835
Vulnerability from cvelistv5
Published
2019-09-17 15:09
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Linux Kernel | Linux kernel |
Version: from version 2.6.34 to 5.2.x |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:39.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/17/1"
},
{
"name": "USN-4135-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4135-2/"
},
{
"name": "FEDORA-2019-e3010166bd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/"
},
{
"name": "RHSA-2019:2827",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"name": "RHSA-2019:2828",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"name": "RHSA-2019:2830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"name": "RHSA-2019:2829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"name": "RHSA-2019:2854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2854"
},
{
"name": "RHSA-2019:2862",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2862"
},
{
"name": "RHSA-2019:2863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2863"
},
{
"name": "RHSA-2019:2866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2866"
},
{
"name": "RHSA-2019:2864",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2864"
},
{
"name": "RHSA-2019:2865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2865"
},
{
"name": "RHSA-2019:2867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2867"
},
{
"name": "RHSA-2019:2869",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2869"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html"
},
{
"name": "[oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/24/1"
},
{
"name": "openSUSE-SU-2019:2173",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"name": "RHSA-2019:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2889"
},
{
"name": "openSUSE-SU-2019:2181",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "20190925 [SECURITY] [DSA 4531-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/41"
},
{
"name": "DSA-4531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4531"
},
{
"name": "RHSA-2019:2900",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2900"
},
{
"name": "RHSA-2019:2901",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2901"
},
{
"name": "RHSA-2019:2899",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2899"
},
{
"name": "RHSA-2019:2924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2924"
},
{
"name": "USN-4135-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4135-1/"
},
{
"name": "[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html"
},
{
"name": "FEDORA-2019-a570a92d5a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/"
},
{
"name": "[oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
},
{
"name": "[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
},
{
"name": "[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/7"
},
{
"name": "RHBA-2019:2824",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel",
"vendor": "Linux Kernel",
"versions": [
{
"status": "affected",
"version": "from version 2.6.34 to 5.2.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel\u0027s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-15T12:06:07",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/17/1"
},
{
"name": "USN-4135-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4135-2/"
},
{
"name": "FEDORA-2019-e3010166bd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/"
},
{
"name": "RHSA-2019:2827",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"name": "RHSA-2019:2828",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"name": "RHSA-2019:2830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"name": "RHSA-2019:2829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"name": "RHSA-2019:2854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2854"
},
{
"name": "RHSA-2019:2862",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2862"
},
{
"name": "RHSA-2019:2863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2863"
},
{
"name": "RHSA-2019:2866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2866"
},
{
"name": "RHSA-2019:2864",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2864"
},
{
"name": "RHSA-2019:2865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2865"
},
{
"name": "RHSA-2019:2867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2867"
},
{
"name": "RHSA-2019:2869",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2869"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html"
},
{
"name": "[oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/24/1"
},
{
"name": "openSUSE-SU-2019:2173",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"name": "RHSA-2019:2889",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2889"
},
{
"name": "openSUSE-SU-2019:2181",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "20190925 [SECURITY] [DSA 4531-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/41"
},
{
"name": "DSA-4531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4531"
},
{
"name": "RHSA-2019:2900",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2900"
},
{
"name": "RHSA-2019:2901",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2901"
},
{
"name": "RHSA-2019:2899",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2899"
},
{
"name": "RHSA-2019:2924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2924"
},
{
"name": "USN-4135-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4135-1/"
},
{
"name": "[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html"
},
{
"name": "FEDORA-2019-a570a92d5a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/"
},
{
"name": "[oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
},
{
"name": "[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
},
{
"name": "[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/7"
},
{
"name": "RHBA-2019:2824",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-14835",
"datePublished": "2019-09-17T15:09:37",
"dateReserved": "2019-08-10T00:00:00",
"dateUpdated": "2024-08-05T00:26:39.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9506
Vulnerability from cvelistv5
Published
2019-08-14 16:27
Modified
2024-09-16 19:14
Severity ?
EPSS score ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"N/A"
],
"product": "BR/EDR",
"vendor": "Bluetooth",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"datePublic": "2019-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-30T10:06:23",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"title": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation",
"workarounds": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "KNOB",
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2019-08-14",
"ID": "CVE-2019-9506",
"STATE": "PUBLIC",
"TITLE": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BR/EDR",
"version": {
"version_data": [
{
"platform": "N/A",
"version_affected": "\u003c=",
"version_name": "5.1",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "Bluetooth"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#918987",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"name": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html",
"refsource": "MISC",
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"name": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"name": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/",
"refsource": "CONFIRM",
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
]
},
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9506",
"datePublished": "2019-08-14T16:27:45.059869Z",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-09-16T19:14:13.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}