CVE-2021-22310

Published Mar 22, 2021

Last updated 4 years ago

CVSS medium 4.4

Overview

Description: There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.4
Impact score: 3.6
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-532

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1856722C-597D-495D-AFCC-21E5FF6F2359"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDC040A6-3E38-4B21-9779-67CF66FDC6B3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11CAA59E-F2A8-4E84-BCC5-CADA8FDA9712"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3983A57-2F07-4D21-9093-1DFEAB310E26"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A638ACAF-9A6F-4861-8CDB-E43FBC3C9C5B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72CE6722-BA5D-4AAE-9C72-36F06EB4DFF1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0F5C89A-DA13-46D1-BDCF-0BD94F7B7861"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A32EF67-5C9D-4F2F-BCC9-D5C5C9F69544"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References