CVE-2021-37101

EPSS 0.02%
Veröffentlicht 09.09.2021 14:15:08
Zuletzt bearbeitet 21.11.2024 06:14:39
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Ais-bw50-00 Firmware Version9.0.6.2(h100sp10c00)

Huawei ≫ Ais-bw50-00 Version-

Huawei ≫ Ais-bw50-00 Firmware Version9.0.6.2(h100sp15c00)

Huawei ≫ Ais-bw50-00 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.035

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210908-01-badauthorization-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-37101

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-37101

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-37101

EUVD