CVE-2021-1896

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity

CVSS v3 4.3 MEDIUM
CVSS v2.0 3.3 LOW

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6164_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6164:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sd_8c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8c:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sd7c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd7c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~NVD-CWE-Other~~	CWE-319

15 Jul 2021, 18:17

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 3.3 v3 : 4.3
CWE		NVD-CWE-Other
References	~~(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin -~~	(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin - Vendor Advisory
CPE		cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:h:qualcomm:sm6250:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6174:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:qca6164_firmware:-:::::::* cpe:2.3:o:qualcomm:sd_8c_firmware:-:::::::* cpe:2.3:o:qualcomm:sd850_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55:-:::::::* cpe:2.3:h:qualcomm:qca6164:-:::::::* cpe:2.3:o:qualcomm:sdx55_firmware:-:::::::* cpe:2.3:o:qualcomm:sm6250_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9340:-:::::::* cpe:2.3:h:qualcomm:qca6174a:-:::::::* cpe:2.3:o:qualcomm:wcn3990_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_8c:-:::::::* cpe:2.3:o:qualcomm:sd_8cx_firmware:-:::::::* cpe:2.3:h:qualcomm:sc8180x:-:::::::* cpe:2.3:h:qualcomm:qca6420:-:::::::* cpe:2.3:h:qualcomm:wcn3991:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6174_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9340_firmware:-:::::::* cpe:2.3:o:qualcomm:sc8180x_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_8cx:-:::::::* cpe:2.3:o:qualcomm:qca6430_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6850_firmware:-:::::::* cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::* cpe:2.3:h:qualcomm:qca9377:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:h:qualcomm:aqt1000:-:::::::* cpe:2.3:o:qualcomm:sd7c_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6420_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3991_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6430:-:::::::* cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:h:qualcomm:sd7c:-:::::::* cpe:2.3:o:qualcomm:qca6174a_firmware:-:::::::* cpe:2.3:o:qualcomm:qca9377_firmware:-:::::::* cpe:2.3:h:qualcomm:sd850:-:::::::* cpe:2.3:h:qualcomm:wcn3990:-:::::::* cpe:2.3:h:qualcomm:wcn6850:-:::::::*

13 Jul 2021, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-07-13 06:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-1896

Mitre link : CVE-2021-1896

CVE.ORG link : CVE-2021-1896

JSON object : View

Products Affected

qualcomm

qca6430_firmware
qca6174_firmware
sd_8cx_firmware
sd_8cx
wcn3990
sd7c
wcn3990_firmware
qca9377
wcn6850
sd_8c
wsa8815_firmware
qca6420_firmware
qca6174
wcn3998_firmware
sd7c_firmware
sd850_firmware
sm6250_firmware
qca9377_firmware
sd_8c_firmware
wcn3991_firmware
wcn6850_firmware
sm6250
sc8180x
wsa8810_firmware
wcd9340
sdx55
sdx55_firmware
sd850
qca6174a_firmware
qca6164_firmware
wcd9340_firmware
wcd9341_firmware
wcd9341
wsa8815
sc8180x_firmware
wcn3998
qca6430
aqt1000
qca6174a
qca6164
wcn3991
wsa8810
aqt1000_firmware
qca6420

CWE

CWE-319

Cleartext Transmission of Sensitive Information

4.3 /10

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3 /10

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-1896

4.3^/10

3.3^/10

Attach tags to `CVE-2021-1896`