CVE-2021-30304

{"id": "CVE-2021-30304", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "product-security@qualcomm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-10-20T07:15:08.737", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin", "tags": ["Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity"}, {"lang": "es", "value": "Una posible lectura fuera de l\u00edmites del b\u00fafer debido a una falta de comprobaci\u00f3n del recuento y la longitud del TBTT mientras se analiza la respuesta de la baliza en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity"}], "lastModified": "2021-10-26T18:46:28.613", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sc8280xp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17DD3A37-2A46-4267-B99D-E10DEA3F5A90"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sc8280xp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62B4980E-B38F-401A-9E3D-EDD9FE7A11A6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}