Lucene search

[email protected]NVD:CVE-2018-11958

HistoryApr 04, 2019 - 3:29 p.m.

CVE-2018-11958

2019-04-0415:29:00

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

Percentile

12.6%

JSON

Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016

Affected configurations

Nvd

Node

qualcommmdm9206Match-

AND

qualcommmdm9206_firmwareMatch-

Node

qualcommmdm9607Match-

AND

qualcommmdm9607_firmwareMatch-

Node

qualcommmdm9650Match-

AND

qualcommmdm9650_firmwareMatch-

Node

qualcommmdm9655Match-

AND

qualcommmdm9655_firmwareMatch-

Node

qualcommqm215_firmwareMatch-

AND

qualcommqm215Match-

Node

qualcommsd_210Match-

AND

qualcommsd_210_firmwareMatch-

Node

qualcommsd_212Match-

AND

qualcommsd_212_firmwareMatch-

Node

qualcommsd_205Match-

AND

qualcommsd_205_firmwareMatch-

Node

qualcommsd_410Match-

AND

qualcommsd_410_firmwareMatch-

Node

qualcommsd_412_firmwareMatch-

AND

qualcommsd_412Match-

Node

qualcommsd_425_firmwareMatch-

AND

qualcommsd_425Match-

Node

qualcommsd_427_firmwareMatch-

AND

qualcommsd_427Match-

Node

qualcommsd_430_firmwareMatch-

AND

qualcommsd_430Match-

Node

qualcommsd_435_firmwareMatch-

AND

qualcommsd_435Match-

Node

qualcommsd_439_firmwareMatch-

AND

qualcommsd_439Match-

Node

qualcommsd_429_firmwareMatch-

AND

qualcommsd_429Match-

Node

qualcommsd_450_firmwareMatch-

AND

qualcommsd_450Match-

Node

qualcommsd_615_firmwareMatch-

AND

qualcommsd_615Match-

Node

qualcommsd_616_firmwareMatch-

AND

qualcommsd_616Match-

Node

qualcommsd_415_firmwareMatch-

AND

qualcommsd_415Match-

Node

qualcommsd_625_firmwareMatch-

AND

qualcommsd_625Match-

Node

qualcommsd_632_firmwareMatch-

AND

qualcommsd_632Match-

Node

qualcommsd_636_firmwareMatch-

AND

qualcommsd_636Match-

Node

qualcommsd_650_firmwareMatch-

AND

qualcommsd_650Match-

Node

qualcommsd_652_firmwareMatch-

AND

qualcommsd_652Match-

Node

qualcommsda660_firmwareMatch-

AND

qualcommsda660Match-

Node

qualcommsdm439_firmwareMatch-

AND

qualcommsdm439Match-

Node

qualcommsdm630_firmwareMatch-

AND

qualcommsdm630Match-

Node

qualcommsdm660_firmwareMatch-

AND

qualcommsdm660Match-

Node

qualcommsnapdragon_high_med_2016_firmwareMatch-

AND

qualcommsnapdragon_high_med_2016Match-

VendorProductVersionCPE
qualcommmdm9206-cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
qualcommmdm9206_firmware-cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
qualcommmdm9607-cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
qualcommmdm9607_firmware-cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
qualcommmdm9650-cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
qualcommmdm9650_firmware-cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
qualcommmdm9655-cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
qualcommmdm9655_firmware-cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
qualcommqm215_firmware-cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
qualcommqm215-cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	mdm9206	-	cpe:2.3:h:qualcomm:mdm9206:-:::::::*
qualcomm	mdm9206_firmware	-	cpe:2.3:o:qualcomm:mdm9206_firmware:-:::::::*
qualcomm	mdm9607	-	cpe:2.3:h:qualcomm:mdm9607:-:::::::*
qualcomm	mdm9607_firmware	-	cpe:2.3:o:qualcomm:mdm9607_firmware:-:::::::*
qualcomm	mdm9650	-	cpe:2.3:h:qualcomm:mdm9650:-:::::::*
qualcomm	mdm9650_firmware	-	cpe:2.3:o:qualcomm:mdm9650_firmware:-:::::::*
qualcomm	mdm9655	-	cpe:2.3:h:qualcomm:mdm9655:-:::::::*
qualcomm	mdm9655_firmware	-	cpe:2.3:o:qualcomm:mdm9655_firmware:-:::::::*
qualcomm	qm215_firmware	-	cpe:2.3:o:qualcomm:qm215_firmware:-:::::::*
qualcomm	qm215	-	cpe:2.3:h:qualcomm:qm215:-:::::::*

Rows per page:

1-10 of 601

References

www.qualcomm.com/company/product-security/bulletins

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2018-11958

android1 cvelist1 prion1 cve1 threatpost1