{"id": "CVE-2021-22321", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2021-03-22T20:15:17.613", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en un producto de Huawei. Un m\u00f3dulo no puede tratar operaciones espec\u00edficas en escenarios especiales. Los atacantes pueden explotar esta vulnerabilidad al realizar operaciones maliciosas. Esto puede causar un uso de la memoria previamente liberada, comprometiendo el servicio normal. Los productos afectados incluyen algunas versiones de NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700, S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 y USG9500"}], "lastModified": "2021-03-24T20:32:07.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C"}, {"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A91097D-76DB-4E5D-B520-6BF22E73BEFF"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D085F205-5C80-4A34-89A9-54F9FB8F2F69"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80"}, {"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D"}, {"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198"}, {"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD"}, {"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74B7C57C-7CD4-4FF0-BE51-2F4794FED7AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}