CVE-2021-21723

{"id": "CVE-2021-21723", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-01-26T18:16:18.803", "references": [{"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014424", "tags": ["Vendor Advisory"], "source": "psirt@zte.com.cn"}, {"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014424", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-401"}]}], "descriptions": [{"lang": "en", "value": "Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12."}, {"lang": "es", "value": "Algunos productos ZTE presentan una vulnerabilidad de DoS. Debido al manejo inapropiado de la liberaci\u00f3n de la memoria en algunos escenarios espec\u00edficos, un atacante remoto puede desencadenar la vulnerabilidad al llevar a cabo una serie de operaciones, resultando en una p\u00e9rdida de memoria, que eventualmente puede conllevar a una denegaci\u00f3n de servicio del dispositivo. Esto afecta a: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; todas las versiones hasta V1.01.10.B12"}], "lastModified": "2024-11-21T05:48:52.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxr10_9904_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4944E354-3041-46F1-A74B-82CC750273D8", "versionEndIncluding": "v1.01.10.b12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxr10_9904:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1747E7A-AB46-4D3C-BD82-659DAA58C43A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxr10_9908_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "722F3591-8D28-4D42-BF33-C67169F21BC3", "versionEndIncluding": "v1.01.10.b12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxr10_9908:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F83A1243-E923-4735-AC8D-875605530747"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxr10_9916_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F35755D-7919-4CC5-B9CA-E88FD4483D4C", "versionEndIncluding": "v1.01.10.b12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxr10_9916:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1DE8F4A-8A42-4C1C-82EA-85543F5E805D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxr10_9904-s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85884147-B665-404A-8117-4519732F7C1D", "versionEndIncluding": "v1.01.10.b12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxr10_9904-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78D0B84F-0C58-41C3-8083-BD74E9D0118D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxr10_9908-s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0602358F-5958-4172-AB42-8C77853A5347", "versionEndIncluding": "v1.01.10.b12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxr10_9908-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "813FBCBD-4900-49C7-B0E2-C75DD3788694"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@zte.com.cn"}