Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20181010-01-APPLOCK
HistoryOct 10, 2018 - 12:00 a.m.

Security Advisory - Improper Authentication Vulnerability on Smartphones

2018-10-1000:00:00
Huawei Technologies
www.huawei.com
15

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

24.0%

JSON

There is an improper authentication vulnerability on smartphones. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock password after a series of operations. Successful exploit could allow the attacker to use the application which is locked. (Vulnerability ID: HWPSIRT-2018-06006)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-7989.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applock-en

Affected configurations

Vulners
Node
huaweialp-al00bRange<8.1.0.326
OR
huaweialp-tl00bRange<8.1.0.326
OR
huaweiwarsaw-al00Range<8.0.0.165
OR
huaweiatomu-al00bRange<8.0.0.186
OR
huaweiatomu-al10bRange<8.0.0.186
OR
huaweiatomu-al20bRange<8.0.0.186
OR
huaweiatomu-l29aRange<8.0.0.140
OR
huaweiatomu-l41Range<8.0.0.140
OR
huaweibla-al00bRange<8.1.0.326
OR
huaweibla-tl00bRange<8.1.0.326
OR
huaweiberkeley-tl10Range<8.0.0.192
OR
huaweiduke-l09Range<8.0.0.366
OR
huaweiduke-l09Range<8.0.0.368
OR
huaweiduke-l09Range<8.0.0.369
OR
huaweifigo-al10bRange<8.0.0.173
OR
huaweifigo-al10bRange<8.0.0.176
OR
huaweifigo-l31Range<8.0.0.124
OR
huaweifigo-l31Range<8.0.0.130
OR
huaweifigo-l31Range<8.0.0.133
OR
huaweifigo-l31Range<8.0.0.136
OR
huaweifigo-l31Range<8.0.0.148
OR
huaweifigo-tl00aRange<8.0.0.173
OR
huaweiflorida-al10bRange<8.0.0.168
OR
huaweiflorida-tl10bRange<8.0.0.168
OR
huaweihuawei_y6_prime_2018Range<8.0.0.140
OR
huaweihuawei_nova_3eRange<8.0.0.142
OR
huaweijimmy-tl00aRange<Jimmy-AL00AC00B172
OR
huaweijimmy-tl00aRange<Jimmy-TL00AC01B172
OR
huaweivicky-al00aRange<8.0.0.178
OR
huaweileland-l22cRange<8.0.0.185
OR
huaweileland-l42aRange<8.0.0.175
OR
huaweileland-l42cRange<8.0.0.175
OR
huaweileland-tl10bRange<8.0.0.178
OR
huaweileland-tl10cRange<8.0.0.178
OR
huaweilelandp-al00cRange<8.0.0.123
OR
huaweilondon-al00bRange<8.0.0.211
OR
huaweilondon-al00cRange<8.0.0.211
OR
huaweilondon-al00dRange<8.0.0.211
OR
huaweilondon-al10Range<8.0.0.211
OR
huaweilondon-al30aRange<8.0.0.211
OR
huaweilondon-al30iRange<8.0.0.150
OR
huaweilondon-al40Range<8.0.0.211
OR
huaweilondon-al40iRange<8.0.0.150
OR
huaweilondon-l29Range<8.0.0.132
OR
huaweilondon-tl00bRange<8.0.0.211
OR
huaweilondon-tl00cRange<8.0.0.211
OR
huaweilondon-tl10Range<8.0.0.211
OR
huaweilondon-tl40Range<8.0.0.211
OR
huaweistanford-l09Range<8.0.0.355
OR
huaweitorontoRange<Toronto-AL00C00B225
OR
huaweitorontoRange<Toronto-AL00AC00B225
OR
huaweitoronto-tl10Range<Toronto-TL10C01B225

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2018-7989
2018-10-17 15:29:00
cve
cve
CVE-2018-7989
2018-10-17 15:29:00
prion
prion
Authentication flaw
2018-10-17 15:29:00
cvelist
cvelist
CVE-2018-7989
2018-10-17 15:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

24.0%

JSON
Related for HUAWEI-SA-20181010-01-APPLOCK
nvd1cve1prion1cvelist1