{"containers": {"cna": {"affected": [{"product": "EMUI", "vendor": "Huawei", "versions": [{"status": "affected", "version": "12.0.0"}, {"status": "affected", "version": "11.0.0"}, {"status": "affected", "version": "10.1.1"}, {"status": "affected", "version": "10.1.0"}, {"status": "affected", "version": "10.0.0"}]}, {"product": "Magic UI", "vendor": "Huawei", "versions": [{"status": "affected", "version": "4.0.0"}, {"status": "affected", "version": "3.1.1"}, {"status": "affected", "version": "3.1.0"}, {"status": "affected", "version": "3.0.0"}]}], "descriptions": [{"lang": "en", "value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."}], "problemTypes": [{"descriptions": [{"description": "Third-party pop-up window coverage vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-05-13T15:02:51.000Z", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2021-46788", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "EMUI", "version": {"version_data": [{"version_affected": "=", "version_value": "12.0.0"}, {"version_affected": "=", "version_value": "11.0.0"}, {"version_affected": "=", "version_value": "10.1.1"}, {"version_affected": "=", "version_value": "10.1.0"}, {"version_affected": "=", "version_value": "10.0.0"}]}}, {"product_name": "Magic UI", "version": {"version_data": [{"version_affected": "=", "version_value": "4.0.0"}, {"version_affected": "=", "version_value": "3.1.1"}, {"version_affected": "=", "version_value": "3.1.0"}, {"version_affected": "=", "version_value": "3.0.0"}]}}]}, "vendor_name": "Huawei"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Third-party pop-up window coverage vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/", "refsource": "MISC", "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:42.325Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2021-46788", "datePublished": "2022-05-13T15:02:51.000Z", "dateReserved": "2022-04-25T00:00:00.000Z", "dateUpdated": "2024-08-04T05:17:42.325Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."}, {"lang": "es", "value": "Una vulnerabilidad de cobertura de ventanas emergentes de terceros en el m\u00f3dulo iConnect. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que la ventana emergente del sistema pueda ser cubierta para enga\u00f1ar a usuarios a llevar a cabo operaciones incorrectas"}], "id": "CVE-2021-46788", "lastModified": "2024-11-21T06:34:43.383", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-13T15:15:08.570", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}