Lucene search

[email protected]CVE-2021-1896

HistoryJul 13, 2021 - 6:15 a.m.

CVE-2021-1896

2021-07-1306:15:08

CWE-319

[email protected]

web.nvd.nist.gov

cve-2021-1896

wlan

unencrypted packets

snapdragon compute

snapdragon connectivity

nvd

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity

Affected configurations

NVD

Node

qualcommaqt1000_firmwareMatch-

AND

qualcommaqt1000Match-

Node

qualcommqca6164_firmwareMatch-

AND

qualcommqca6164Match-

Node

qualcommqca6174_firmwareMatch-

AND

qualcommqca6174Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6420_firmwareMatch-

AND

qualcommqca6420Match-

Node

qualcommqca6430_firmwareMatch-

AND

qualcommqca6430Match-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommsc8180x_firmwareMatch-

AND

qualcommsc8180xMatch-

Node

qualcommsd_8c_firmwareMatch-

AND

qualcommsd_8cMatch-

Node

qualcommsd_8cxMatch-

AND

qualcommsd_8cx_firmwareMatch-

Node

qualcommsd7cMatch-

AND

qualcommsd7c_firmwareMatch-

Node

qualcommsd850Match-

AND

qualcommsd850_firmwareMatch-

Node

qualcommsm6250Match-

AND

qualcommsm6250_firmwareMatch-

Node

qualcommwcd9340Match-

AND

qualcommwcd9340_firmwareMatch-

Node

qualcommwcd9341Match-

AND

qualcommwcd9341_firmwareMatch-

Node

qualcommwcn3990Match-

AND

qualcommwcn3990_firmwareMatch-

Node

qualcommwcn3991Match-

AND

qualcommwcn3991_firmwareMatch-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn6850_firmwareMatch-

AND

qualcommwcn6850Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommsdx55_firmwareMatch-

AND

qualcommsdx55Match-

CPENameOperatorVersion
qualcomm:aqt1000_firmwarequalcomm aqt1000 firmwareeq-

CPE	Name	Operator	Version
qualcomm:aqt1000_firmware	qualcomm aqt1000 firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Compute, Snapdragon Connectivity",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AQT1000, QCA6164, QCA6174, QCA6174A, QCA6420, QCA6430, QCA9377, SC8180X+SDX55, SD 8C, SD 8CX, SD7c, SD850, SM6250, WCD9340, WCD9341, WCN3990, WCN3991, WCN3998, WCN6850, WSA8810, WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin

Social References

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Related for CVE-2021-1896

nvd1 cvelist1 prion1