Search criteria
6 vulnerabilities found for mha-al00a by huawei
VAR-201711-0948
Vulnerability from variot - Updated: 2025-04-20 23:25The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot. HuaweiMHA-AL00A is a smartphone product from China's Huawei company. Bastet is one of the communication drivers. Huawei MHA-AL00A is a smart phone product of China Huawei (Huawei)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0948",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mha-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "mha-al00bc00b231"
},
{
"model": "mha-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a \u003cmha-al00bc00b231",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:huawei:mha-al00a",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
}
]
},
"cve": "CVE-2017-8186",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-8186",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-35137",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-116389",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-8186",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8186",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-8186",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-35137",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-951",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-116389",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot. HuaweiMHA-AL00A is a smartphone product from China\u0027s Huawei company. Bastet is one of the communication drivers. Huawei MHA-AL00A is a smart phone product of China Huawei (Huawei)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8186"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8186",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-35137",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116389",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"id": "VAR-201711-0948",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
}
],
"trust": 1.31764705
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
}
]
},
"last_update_date": "2025-04-20T23:25:54.254000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20171018-03-dos",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
},
{
"title": "HuaweiMHA-AL00A restart vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106837"
},
{
"title": "Huawei MHA-AL00A Bastet Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76661"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8186"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8186"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171018-01-dos-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"db": "VULHUB",
"id": "VHN-116389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116389"
},
{
"date": "2017-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"date": "2017-11-22T19:29:04.523000",
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35137"
},
{
"date": "2017-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-116389"
},
{
"date": "2017-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010739"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-951"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8186"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Vulnerability related to input validation in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-951"
}
],
"trust": 0.6
}
}
VAR-201802-0447
Vulnerability from variot - Updated: 2024-11-23 23:05Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS vulnerability. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks. Huawei Smartphone software contains a vulnerability related to input validation.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiBTV-EMUI5.0, Berlin-EMUI5.0, Berlin-L system and other products of China's Huawei company. A denial of service vulnerability exists in several Huawei products because the device failed to adequately verify user input. Huawei BTV-EMUI5.0, etc. Huawei BTV-EMUI5.0 is a smart tablet product. MHA-AL00A is a smart phone product. The vulnerability is caused by the program's insufficient implementation of input validation. The following products and versions are affected: Huawei BTV-EMUI5.0 BTV-DL09C233B350 version; Berlin-EMUI5.0 Berlin-L21HNC432B360 version, Berlin-L22HNC636B360 version, Berlin-L24HNC567B360 version; Berlin-L21 Berlin-L21C10B130 version, Berlin-L218 version , Berlin-L21C464B130 version; Berlin-L22 Berlin-L22C346B140 version, Berlin-L22C636B160 version; Berlin-L23 Berlin-L23C605B131 version, Berlin-L23DOMC109B160 version; MHA-AL00A MHA-AL00AC00B125 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0447",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "berlin-l21",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l21c464b130"
},
{
"model": "berlin-l21",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l21c185b132"
},
{
"model": "berlin-l23",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l23domc109b160"
},
{
"model": "berlin-emui5.0",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l22hnc636b360"
},
{
"model": "berlin-l22",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l22c636b160"
},
{
"model": "berlin-l23",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l23c605b131"
},
{
"model": "mha-al00a",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "mha-al00ac00b125"
},
{
"model": "berlin-l21",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l21c10b130"
},
{
"model": "berlin-l22",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l22c346b140"
},
{
"model": "berlin-emui5.0",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "berlin-l24hnc567b360"
},
{
"model": "berlin-emui5.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "berlin-l21hnc432b360"
},
{
"model": "btv-emui5.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "btv-dl09c233b350"
},
{
"model": "berlin-emui5.0",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l21",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l22",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l23",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "btv-emui5.0",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l21 berlin-l21c10b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l22 berlin-l22c636b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l23 berlin-l23c605b131",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a mha-al00ac00b125",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "btv-emui5.0 btv-dl09c233b350",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-emui5.0 berlin-l21hnc432b360",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-emui5.0 berlin-l22hnc636b360",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-emui5.0 berlin-l24hnc567b360",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l21 berlin-l21c185b132",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l21 berlin-l21c464b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l22 berlin-l22c346b140",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l23 berlin-l23domc109b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:berlin-emui5.0_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:berlin-l21_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:berlin-l22_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:berlin-l23_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:btv-emui5.0_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:mha-al00a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
}
]
},
"cve": "CVE-2017-17201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-17201",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-02548",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-108200",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-17201",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17201",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17201",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-02548",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-945",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108200",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS vulnerability. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks. Huawei Smartphone software contains a vulnerability related to input validation.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiBTV-EMUI5.0, Berlin-EMUI5.0, Berlin-L system and other products of China\u0027s Huawei company. A denial of service vulnerability exists in several Huawei products because the device failed to adequately verify user input. Huawei BTV-EMUI5.0, etc. Huawei BTV-EMUI5.0 is a smart tablet product. MHA-AL00A is a smart phone product. The vulnerability is caused by the program\u0027s insufficient implementation of input validation. The following products and versions are affected: Huawei BTV-EMUI5.0 BTV-DL09C233B350 version; Berlin-EMUI5.0 Berlin-L21HNC432B360 version, Berlin-L22HNC636B360 version, Berlin-L24HNC567B360 version; Berlin-L21 Berlin-L21C10B130 version, Berlin-L218 version , Berlin-L21C464B130 version; Berlin-L22 Berlin-L22C346B140 version, Berlin-L22C636B160 version; Berlin-L23 Berlin-L23C605B131 version, Berlin-L23DOMC109B160 version; MHA-AL00A MHA-AL00AC00B125 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17201",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02548",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108200",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"id": "VAR-201802-0447",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
}
],
"trust": 1.5967086875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
}
]
},
"last_update_date": "2024-11-23T23:05:14.783000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180124-01-dos",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-dos-en"
},
{
"title": "Patches for various Huawei Product Denial of Service Vulnerabilities (CNVD-2018-02548)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/115285"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108200"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-dos-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17201"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17201"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180124-01-dos-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"db": "VULHUB",
"id": "VHN-108200"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-108200"
},
{
"date": "2018-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"date": "2017-12-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"date": "2018-02-15T16:29:02.627000",
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02548"
},
{
"date": "2018-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-108200"
},
{
"date": "2018-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012678"
},
{
"date": "2018-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-945"
},
{
"date": "2024-11-21T03:17:40.330000",
"db": "NVD",
"id": "CVE-2017-17201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Vulnerability related to input validation in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012678"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-945"
}
],
"trust": 0.6
}
}
VAR-201803-0206
Vulnerability from variot - Updated: 2024-11-23 22:17Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause information disclosure. HuaweiMHA-AL00A is a smartphone product from China's Huawei company. An integer overflow vulnerability exists in the HuaweiMHA-AL00AMHA-AL00AC00B125 version, which stems from a program not processing a variable correctly while processing a process. Huawei Smart Phones are prone to an integer-overflow vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0206",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mha-al00a",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "mha-al00ac00b125"
},
{
"model": "mha-al00a mha-al00ac00b125",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a mha-al00bc00b231",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "BID",
"id": "103419"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:mha-al00a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "He Yao of Baidu X-Lab",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
}
],
"trust": 0.6
},
"cve": "CVE-2017-17328",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-17328",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-38097",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-108339",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-17328",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17328",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17328",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-38097",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-878",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-108339",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "VULHUB",
"id": "VHN-108339"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause information disclosure. HuaweiMHA-AL00A is a smartphone product from China\u0027s Huawei company. An integer overflow vulnerability exists in the HuaweiMHA-AL00AMHA-AL00AC00B125 version, which stems from a program not processing a variable correctly while processing a process. Huawei Smart Phones are prone to an integer-overflow vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17328"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "BID",
"id": "103419"
},
{
"db": "VULHUB",
"id": "VHN-108339"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17328",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38097",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "39155",
"trust": 0.6
},
{
"db": "BID",
"id": "103419",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-108339",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "VULHUB",
"id": "VHN-108339"
},
{
"db": "BID",
"id": "103419"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"id": "VAR-201803-0206",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "VULHUB",
"id": "VHN-108339"
}
],
"trust": 1.31764705
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
}
]
},
"last_update_date": "2024-11-23T22:17:38.569000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory - Integer Overflow Vulnerability on Smartphones",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171220-01-smartphone-en"
},
{
"title": "HuaweiMHA-AL00A Patch for Integer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/111709"
},
{
"title": "Huawei MHA-AL00A Fixes for digital error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77327"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108339"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171220-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17328"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17328"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171220-01-smartphone-cn"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-smartphone-en"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/39155"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "VULHUB",
"id": "VHN-108339"
},
{
"db": "BID",
"id": "103419"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"db": "VULHUB",
"id": "VHN-108339"
},
{
"db": "BID",
"id": "103419"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"date": "2018-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-108339"
},
{
"date": "2017-12-20T00:00:00",
"db": "BID",
"id": "103419"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"date": "2017-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"date": "2018-03-09T17:29:02.220000",
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38097"
},
{
"date": "2018-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-108339"
},
{
"date": "2017-12-20T00:00:00",
"db": "BID",
"id": "103419"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012887"
},
{
"date": "2017-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-878"
},
{
"date": "2024-11-21T03:17:50.790000",
"db": "NVD",
"id": "CVE-2017-17328"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Integer overflow vulnerability in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012887"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-878"
}
],
"trust": 0.6
}
}
VAR-201803-0205
Vulnerability from variot - Updated: 2024-11-23 21:53Huawei smartphones with software of MHA-AL00AC00B125 have an improper resource management vulnerability. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause certain service unavailable. HuaweiMHA-AL00A is a smartphone product from China's Huawei company. A resource management error vulnerability exists in the HuaweiMHA-AL00AMHA-AL00AC00B125 version, which is caused by the system failing to properly lock resources when processing a registration operation. Huawei Smart Phones are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Huawei MHA-AL00A is a smart phone product of China Huawei (Huawei)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mha-al00a",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "mha-al00ac00b125"
},
{
"model": "mha-al00a mha-al00ac00b125",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mha-al00a mha-al00bc00b231",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "BID",
"id": "103418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:mha-al00a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "He Yao of Baidu X-Lab",
"sources": [
{
"db": "BID",
"id": "103418"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
}
],
"trust": 0.9
},
"cve": "CVE-2017-17327",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-17327",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-38098",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-108338",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-17327",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17327",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17327",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-38098",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-877",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108338",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "VULHUB",
"id": "VHN-108338"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei smartphones with software of MHA-AL00AC00B125 have an improper resource management vulnerability. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause certain service unavailable. HuaweiMHA-AL00A is a smartphone product from China\u0027s Huawei company. A resource management error vulnerability exists in the HuaweiMHA-AL00AMHA-AL00AC00B125 version, which is caused by the system failing to properly lock resources when processing a registration operation. Huawei Smart Phones are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. Huawei MHA-AL00A is a smart phone product of China Huawei (Huawei)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17327"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "BID",
"id": "103418"
},
{
"db": "VULHUB",
"id": "VHN-108338"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17327",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38098",
"trust": 0.6
},
{
"db": "BID",
"id": "103418",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-108338",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "VULHUB",
"id": "VHN-108338"
},
{
"db": "BID",
"id": "103418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"id": "VAR-201803-0205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "VULHUB",
"id": "VHN-108338"
}
],
"trust": 1.31764705
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
}
]
},
"last_update_date": "2024-11-23T21:53:20.983000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory - Improper Resource Management Vulnerability on Huawei Smartphones",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-03-smartphone-en"
},
{
"title": "HuaweiMHA-AL00A resource management error vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/111711"
},
{
"title": "Huawei MHA-AL00A Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77326"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108338"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-03-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17327"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17327"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171220-03-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "VULHUB",
"id": "VHN-108338"
},
{
"db": "BID",
"id": "103418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "VULHUB",
"id": "VHN-108338"
},
{
"db": "BID",
"id": "103418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"date": "2018-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-108338"
},
{
"date": "2017-12-20T00:00:00",
"db": "BID",
"id": "103418"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"date": "2017-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"date": "2018-03-09T17:29:02.190000",
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-108338"
},
{
"date": "2017-12-20T00:00:00",
"db": "BID",
"id": "103418"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012886"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-877"
},
{
"date": "2024-11-21T03:17:50.680000",
"db": "NVD",
"id": "CVE-2017-17327"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei MHA-AL00A Resource Management Error Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38098"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-877"
}
],
"trust": 0.6
}
}
CVE-2017-8186 (GCVE-0-2017-8186)
Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-09-17 02:42
VLAI?
Summary
The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot.
Severity ?
No CVSS data available.
CWE
- DOS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | MHA-AL00A |
Affected:
Earlier than MHA-AL00BC00B231 versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MHA-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than MHA-AL00BC00B231 versions"
}
]
}
],
"datePublic": "2017-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-22T18:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-11-15T00:00:00",
"ID": "CVE-2017-8186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MHA-AL00A",
"version": {
"version_data": [
{
"version_value": "Earlier than MHA-AL00BC00B231 versions"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-8186",
"datePublished": "2017-11-22T19:00:00Z",
"dateReserved": "2017-04-25T00:00:00",
"dateUpdated": "2024-09-17T02:42:33.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8186 (GCVE-0-2017-8186)
Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-17 02:42
VLAI?
Summary
The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot.
Severity ?
No CVSS data available.
CWE
- DOS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | MHA-AL00A |
Affected:
Earlier than MHA-AL00BC00B231 versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MHA-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than MHA-AL00BC00B231 versions"
}
]
}
],
"datePublic": "2017-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-22T18:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-11-15T00:00:00",
"ID": "CVE-2017-8186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MHA-AL00A",
"version": {
"version_data": [
{
"version_value": "Earlier than MHA-AL00BC00B231 versions"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-8186",
"datePublished": "2017-11-22T19:00:00Z",
"dateReserved": "2017-04-25T00:00:00",
"dateUpdated": "2024-09-17T02:42:33.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}