CVE-2021-22351Insufficiently Protected Credentials in Huawei Emui

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
8.1HIGHNVD
EPSS
0.2%
top 63.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedJun 30
Latest updateMay 24

Description

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 2.8 | Impact: 5.2

Affected Packages2 packages

NVDhuawei/emui10.1.1, 11.0.0, 11.0.1+2
NVDhuawei/magic_ui3.1.1, 4.0.0+1

🔴Vulnerability Details

2
GHSA
GHSA-hvjx-fghp-fwxj: There is a Credentials Management Errors Vulnerability in Huawei Smartphone2022-05-24
CVEList
CVE-2021-22351: There is a Credentials Management Errors Vulnerability in Huawei Smartphone2021-06-30
CVE-2021-22351 — Insufficiently Protected Credentials | cvebase