{"id": "CVE-2021-37129", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-10-27T01:15:07.763", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei. La vulnerabilidad est\u00e1 causada por una funci\u00f3n de un m\u00f3dulo que no verifica correctamente el par\u00e1metro input. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una escritura fuera de l\u00edmites conllevando a una condici\u00f3n de denegaci\u00f3n de servicio. Las versiones de producto afectadas incluyen: M\u00f3dulo IPS V500R005C00,V500R005C20;M\u00f3dulo NGFW V500R005C00;NIP6600 V500R005C00,V500R005C20; S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10; S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20"}], "lastModified": "2021-10-28T17:04:45.680", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884"}, {"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91B37BC-F4FD-499A-918E-6396251A0F5F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030"}, {"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FEB99CA-7B73-4633-9F9C-9AF54B0A43FA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "975CEC1E-D82C-45AD-B920-80961221C0BA"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9824CC2-7B77-4FD7-9509-49FA0D94AF4A"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0442199D-AF21-44E8-B604-7D64129FD25D"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2ED767D-2826-4ECD-8C59-B688AC54B0CD"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A630BDAD-C254-4107-9593-1E9FB415C138"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B11D63D0-072D-4E44-B254-491974603C7E"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "913DDCCC-0A91-458D-8A74-E4B9E9A71EC7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FCC64B5-1BB4-4A4B-983F-D1D986CA506E"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32CA1299-EA8A-4A24-96AA-DC3C5C3B9701"}, {"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20386C76-4480-47ED-99AD-7ADBE41C3364"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4676DA03-36A6-40B1-BA74-75260083D10A"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C4217C-0FBB-46BC-B108-F53A2AF259E7"}, {"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "744381A0-4E85-4F0C-881B-DF2F7E1DB186"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D60424B-15CE-415E-8E6C-34E5DC52E6C4"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46FDAD12-710C-4FE1-950F-B57810649C16"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F402F7DA-6BDF-4C53-B33B-3D8FE1B14506"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "238025D5-0E08-4708-BA6D-6E6560814525"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE1FCE-5E38-4436-96B9-57DE026BDE7A"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F2F0768-EE4C-408B-8FDD-87CBC4970688"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8030D59B-D7AC-4155-B23C-0E77603F9DEB"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC7D191A-1496-4A38-BD9B-4222A9CA31BE"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4342AD2-7764-4447-9341-78DF30E20416"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C57D09-618F-44B0-86A8-5BAC25CA486F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD82D614-9515-4A9C-B96A-2614DDADEB7A"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B45A35D3-D5CE-40F1-ABC2-9A9E6FA8FE46"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234ED4C3-67B4-4B0E-8EA1-9A70CAAD2BCF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F"}, {"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31F8A14F-8956-493C-8062-EAB872AD0420"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}