Lucene search

[email protected]NVD:CVE-2017-18192

HistoryFeb 20, 2018 - 6:29 a.m.

CVE-2017-18192

2018-02-2006:29:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.006

Percentile

78.5%

JSON

smart/calculator/gallerylock/CalculatorActivity.java in the “Photo,Video Locker-Calculator” application through 18 for Android allows attackers to access files via the backdoor 17621762 PIN.

Affected configurations

Nvd

Node

photo\,video_locker-calculator_projectphoto\,video_locker-calculatorRange≤18.0android

VendorProductVersionCPE
photo\,video_locker-calculator_projectphoto\,video_locker-calculator*cpe:2.3:a:photo\,video_locker-calculator_project:photo\,video_locker-calculator:*:*:*:*:*:android:*:*

Vendor	Product	Version	CPE
photo\,video_locker-calculator_project	photo\,video_locker-calculator	*	cpe:2.3:a:photo\,video_locker-calculator_project:photo\,video_locker-calculator::::::android::*

References

www.ds-security.com/2017/11/16/photovideo-locker-calculator-leak-of-sensitive-files/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.006

Percentile

78.5%

JSON

Related for NVD:CVE-2017-18192

cve1 prion1 cvelist1