Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20180919-02-SMARTPHONE
HistorySep 19, 2018 - 12:00 a.m.

Security Advisory - Sensitive Information Leak Vulnerability in Some Huawei Products

2018-09-1900:00:00
Huawei Technologies
www.huawei.com
23

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

29.0%

JSON

There is a sensitive information leak vulnerability in some Huawei products. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak. (Vulnerability ID: HWPSIRT-2018-05096)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-7907.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en

Affected configurations

Vulners
Node
huaweiagassi-l09_firmwareMatchags-l09c100b257custc100d001
OR
huaweiagassi-l09_firmwareMatchags-l09c170b253custc170d001
OR
huaweiagassi-l09_firmwareMatchags-l09c199b251custc199d001
OR
huaweiagassi-l09_firmwareMatchags-l09c229b003custc229d001
OR
huaweiagassi-w09_firmwareMatchags-w09c100b257custc100d001
OR
huaweiagassi-w09_firmwareMatchags-w09c128b252custc128d001
OR
huaweiagassi-w09_firmwareMatchags-w09c170b252custc170d001
OR
huaweiagassi-w09_firmwareMatchags-w09c229b251custc229d001
OR
huaweiagassi-w09_firmwareMatchags-w09c331b003custc331d001
OR
huaweiagassi-w09_firmwareMatchags-w09c794b001custc794d001
OR
huaweibaggio2-u01a_firmwareMatchbg2-u01c100b160custc100d001
OR
huaweibaggio2-u01a_firmwareMatchbg2-u01c170b160custc170d001
OR
huaweibaggio2-u01a_firmwareMatchbg2-u01c199b162custc199d001
OR
huaweibaggio2-u01a_firmwareMatchbg2-u01c209b160custc209d001
OR
huaweibaggio2-u01a_firmwareMatchbg2-u01c333b160custc333d001
OR
huaweibond-al00c_firmwareMatchbond-al00cc00b201
OR
huaweibond-al10b_firmwareMatchbond-al10bc00b201
OR
huaweibond-tl10b_firmwareMatchbond-tl10bc01b201
OR
huaweibond-tl10c_firmwareMatchbond-tl10cc01b131
OR
huaweihaydn-l1jb_firmwareMatchhdn-l1jc137b068
OR
huaweikobe-l09a_firmwareMatchkob-l09c100b252custc100d001
OR
huaweikobe-l09a_firmwareMatchkob-l09c209b002custc209d001
OR
huaweikobe-l09a_firmwareMatchkob-l09c362b001custc362d001
OR
huaweikobe-l09ahn_firmwareMatchkob-l09c233b226
OR
huaweikobe-w09c_firmwareMatchkob-w09c128b251custc128d001
OR
huaweilelandp-l22c_firmwareMatch8.0.0.101
OR
huaweilelandp-l22d_firmwareMatch8.0.0.101
OR
huaweirhone-al00_firmwareMatchrhone-al00c00b186
OR
huaweiselina-l02_firmwareMatchselina-l02c432b153
OR
huaweistanford-l09s_firmwareMatchstanford-l09sc432b183
OR
huaweitoronto-al00_firmwareMatchtoronto-al00c00b223
OR
huaweitoronto-al00a_firmwareMatchtoronto-al00ac00b223
OR
huaweitoronto-tl10_firmwareMatchtoronto-tl10c01b223
VendorProductVersionCPE
huaweiagassi-l09_firmwareags-l09c100b257custc100d001cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c100b257custc100d001:*:*:*:*:*:*:*
huaweiagassi-l09_firmwareags-l09c170b253custc170d001cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c170b253custc170d001:*:*:*:*:*:*:*
huaweiagassi-l09_firmwareags-l09c199b251custc199d001cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c199b251custc199d001:*:*:*:*:*:*:*
huaweiagassi-l09_firmwareags-l09c229b003custc229d001cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c229b003custc229d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c100b257custc100d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c100b257custc100d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c128b252custc128d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c128b252custc128d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c170b252custc170d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c170b252custc170d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c229b251custc229d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c229b251custc229d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c331b003custc331d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c331b003custc331d001:*:*:*:*:*:*:*
huaweiagassi-w09_firmwareags-w09c794b001custc794d001cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c794b001custc794d001:*:*:*:*:*:*:*
Rows per page:
1-10 of 331

Related

prion 1
nvd 1
cve 1
cvelist 1
prion
prion
Information disclosure
2018-09-26 13:29:00
nvd
nvd
CVE-2018-7907
2018-09-26 13:29:00
cve
cve
CVE-2018-7907
2018-09-26 13:29:00
cvelist
cvelist
CVE-2018-7907
2018-09-26 13:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

29.0%

JSON
Related for HUAWEI-SA-20180919-02-SMARTPHONE
prion1nvd1cve1cvelist1