CVE-2021-22398

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1).
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:hulk-al00c_firmware:9.1.1.201\(c00e201r8p1\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:hulk-al00c:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:jennifer-an00c_firmware:10.1.1.171\(c00e170r6p3\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:jennifer-an00c:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:jenny-al10b_firmware:10.1.0.228\(c00e220r5p1\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:jenny-al10b:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:oxfordpl-an10b_firmware:10.1.0.116\(c00e110r2p1\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:oxfordpl-an10b:-:*:*:*:*:*:*:*

Information

Published : 2021-08-02 10:15

Updated : 2021-08-11 08:21


NVD link : CVE-2021-22398

Mitre link : CVE-2021-22398


JSON object : View

CWE
CWE-863

Incorrect Authorization

Advertisement

dedicated server usa

Products Affected

huawei

  • hulk-al00c_firmware
  • jenny-al10b_firmware
  • jenny-al10b
  • jennifer-an00c
  • hulk-al00c
  • oxfordpl-an10b_firmware
  • jennifer-an00c_firmware
  • oxfordpl-an10b