DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2022-41579", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2022-41579", "description": "There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band.", "published": "2022-12-28T18:15:00", "modified": "2023-01-06T00:03:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 3.9, "impactScore": 2.5}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41579", "reporter": "psirt@huawei.com", "references": ["https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20221130-01-c7f72ffb-en"], "cvelist": ["CVE-2022-41579"], "immutableFields": [], "lastseen": "2023-01-06T01:20:58", "viewCount": 25, "enchantments": {"score": {"value": 3.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "huawei", "idList": ["HUAWEI-SA-20221130-01-C7F72FFB-EN"]}]}, "affected_software": {"major_version": [{"name": "huawei hota-fara-b19 firmware", "version": 11}]}, "vulnersScore": 3.3}, "_state": {"dependencies": 1672968096, "score": 1672968316, "affected_software_major_version": 1672968822}, "_internal": {"score_hash": "65c998ee87b9ba70a1a1506f3db0afbd"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:huawei:hota-fara-b19_firmware:11.1.2.40"], "cpe23": ["cpe:2.3:o:huawei:hota-fara-b19_firmware:11.1.2.40:*:*:*:*:*:*:*"], "cwe": ["CWE-287"], "affectedSoftware": [{"cpeName": "huawei:hota-fara-b19_firmware", "version": "11.1.2.40", "operator": "eq", "name": "huawei hota-fara-b19 firmware"}], "affectedConfiguration": [{"name": "huawei hota-fara-b19", "cpeName": "huawei:hota-fara-b19", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:huawei:hota-fara-b19_firmware:11.1.2.40:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:huawei:hota-fara-b19:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "extraReferences": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20221130-01-c7f72ffb-en", "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20221130-01-c7f72ffb-en", "refsource": "MISC", "tags": ["Vendor Advisory"]}]}

{"huawei": [{"lastseen": "2023-01-06T04:16:04", "description": "There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band. (Vulnerability ID: HWPSIRT-2022-85585)\n\nThis vulnerability has been assigned a (CVE) ID: CVE-2022-41579 \n \n \n\n\n \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 2.5}, "published": "2022-11-23T00:00:00", "type": "huawei", "title": "Security Advisory - Insufficient Authentication Vulnerability in some Huawei Band Products", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-41579"], "modified": "2022-11-23T00:00:00", "id": "HUAWEI-SA-20221130-01-C7F72FFB-EN", "href": "https://www.huawei.com/en/psirt/security-advisories/2022/huawei-sa-20221130-01-c7f72ffb-en", "cvss": {"score": 0.0, "vector": "NONE"}}]}