Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-37127

🗓️ 27 Oct 2021 00:31:45Reported by huaweiType 
cve
 cve🔗 web.nvd.nist.gov👁 42 Views

There's a signature management vulnerability in certain Huawei products allowing an attacker to forge a signature and bypass the check, potentially causing system file overwrite during firmware update process

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
CNNVD		Huawei Imanager NetEco 数据伪造问题漏洞
21 Oct 202100:00
cnnvd
CNVD		Huawei iManager NetEco incorrect signature management vulnerability
24 Oct 202100:00
cnvd
Cvelist		CVE-2021-37127
27 Oct 202100:31
cvelist
EUVD		EUVD-2021-23703
7 Oct 202500:30
euvd
Huawei		Security Advisory - Improper Signature Management Vulnerability in Some Huawei Products
20 Oct 202100:00
huawei
NVD		CVE-2021-37127
27 Oct 202101:15
nvd
OSV		CVE-2021-37127
27 Oct 202101:15
osv
Prion		Design/Logic Flaw
27 Oct 202101:15
prion
RedhatCVE		CVE-2021-37127
22 May 202520:03
redhatcve
NVD
Vulners
Node
huaweiimanager_neteco_6000_firmwareMatchv600r010c00cp2001
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00cp2002
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc100
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc110
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc120
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc200
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc210
OR
huaweiimanager_neteco_6000_firmwareMatchv600r010c00spc300
AND
huaweiimanager_neteco_6000Match-
Node
huaweiimanager_neteco_firmwareMatchv600r009c00spc100
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc110
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc120
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc190
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc200
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc201
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc202
OR
huaweiimanager_neteco_firmwareMatchv600r009c00spc210
AND
huaweiimanager_netecoMatch-
[
  {
    "product": "iManager NetEco;iManager NetEco 6000",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300"
      },
      {
        "status": "affected",
        "version": "V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 06:14Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.17.2
CVSS 29
EPSS0.00101
CWE-347
cve-2021-37127signature management vulnerabilityhuawei productsfirmware updatesystem file overwritenvd
42