Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-8144
HistoryNov 22, 2017 - 7:29 p.m.

CVE-2017-8144

2017-11-2219:29:03
CWE-920
[email protected]
web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

23.5%

JSON

Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery.

Affected configurations

NVD
Node
huaweihonor_5a_firmwareRange<cam-l03c605b143custc605d003
AND
huaweihonor_5aMatch-
Node
huaweihonor_8_lite_firmwareRange<prague-l03c605b161
AND
huaweihonor_8_liteMatch-
Node
huaweihonor_8_lite_firmwareRange<prague-l23c605b160
AND
huaweihonor_8_liteMatch-
Node
huaweimate_9_firmwareRange<mha-al00c00b225
AND
huaweimate_9Match-
Node
huaweimate_9_pro_firmwareRange<lon-al00c00b225
AND
huaweimate_9_proMatch-
Node
huaweip10_firmwareRange<vtr-al00c00b167
AND
huaweip10Match-
Node
huaweip10_firmwareRange<vtr-tl00c01b167
AND
huaweip10Match-
Node
huaweip10_plus_firmwareRange<vky-al00c00b167
AND
huaweip10_plusMatch-
Node
huaweip10_plus_firmwareRange<vky-tl00c01b167
AND
huaweip10_plusMatch-

Related

prion 1
cvelist 1
huawei 1
cve 1
prion
prion
Privilege escalation
2017-11-22 19:29:00
cvelist
cvelist
CVE-2017-8144
2017-11-15 00:00:00
huawei
huawei
Security Advisory - Resource Exhaustion Vulnerability in Some Huawei Smartphones
2017-07-25 00:00:00
cve
cve
CVE-2017-8144
2017-11-22 19:29:03

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

23.5%

JSON
Related for NVD:CVE-2017-8144
prion1cvelist1huawei1cve1