ID HUAWEI-SA-20171213-04-SMARTPHONE
Type huawei
Reporter Huawei Technologies
Modified 2017-12-13T00:00:00
Description
Products
Switches
Routers
WLAN
Servers
See All
Solutions
Cloud Data Center
Enterprise Networking
Wireless Private Network
Solutions by Industry
See All
Services
Training and Certification
ICT Lifecycle Services
Technology Services
Industry Solution Services
See All
See all offerings at e.huawei.com
Need Support ?
Product Support
Software Download
Community
Tools
Go to Full Support
{"id": "HUAWEI-SA-20171213-04-SMARTPHONE", "bulletinFamily": "software", "title": "Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones", "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "published": "2017-12-13T00:00:00", "modified": "2017-12-13T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-04-smartphone-en", "reporter": "Huawei Technologies", "references": [], "cvelist": ["CVE-2017-17139"], "type": "huawei", "lastseen": "2019-02-01T18:02:37", "edition": 1, "viewCount": 2, "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2019-02-01T18:02:37", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-17139"]}], "modified": "2019-02-01T18:02:37", "rev": 2}, "vulnersScore": 5.2}, "affectedSoftware": [{"name": "Mate 9 Pro", "operator": "eq", "version": "The versions before LON-AL00B 8.0.0.334(C00)"}, {"name": "Mate 9", "operator": "eq", "version": "The versions before MHA-AL00B 8.0.0.334(C00)"}]}
{"cve": [{"lastseen": "2020-12-09T20:13:26", "description": "Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.", "edition": 10, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-03-05T19:29:00", "title": "CVE-2017-17139", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17139"], "modified": "2018-03-27T20:40:00", "cpe": [], "id": "CVE-2017-17139", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17139", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}]}
