How severe is CVE-2021-22398?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2021-22398?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2021-22398

MEDIUM Year: 2021

CVSS v3 Score

4.6

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-863

View all →

Vulnerability Description

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1).

CVE-2017-16778

MEDIUM

CVSS:4.6(Medium)

An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow phys...

CWE-8632017

CVE-2018-7926

MEDIUM

CVSS:4.6(Medium)

Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtaine...

CWE-8632018

CVE-2018-7988

MEDIUM

CVSS:4.6(Medium)

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone t...

CWE-8632018

CVE-2019-5220

MEDIUM

CVSS:4.6(Medium)

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step ...

CWE-8632019

CVE-2019-5231

MEDIUM

CVSS:4.6(Medium)

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper authorization vulnerability. The software incorrectly performs an authorization check when a user attempts...

CWE-8632019

CVE-2020-0473

MEDIUM

CVSS:4.6(Medium)

In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical p...

CWE-8632020

CVE-2021-22398

Vulnerability Description

Related Vulnerabilities

CVE-2017-16778

CVE-2018-7926

CVE-2018-7988

CVE-2019-5220

CVE-2019-5231

CVE-2020-0473