Search criteria
3 vulnerabilities found for prague-al00a by huawei
VAR-201711-1017
Vulnerability from variot - Updated: 2025-04-20 23:24The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot. Huawei Smartphone software contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei Glory 8 is a smartphone from China's Huawei company. Huawei Smart Phones are prone to a buffer-overflow vulnerability. Attackers can exploit this issue to reboot the system, denying service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-1017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prague-al00a",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-al00ac00b205"
},
{
"model": "prague-al00b",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-al00bc00b205"
},
{
"model": "prague-al00c",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-al00cc00b205"
},
{
"model": "prague-tl00a",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-tl00ac01b205"
},
{
"model": "prague-tl10a",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-tl10ac01b205"
},
{
"model": "glory youth edition \u003cprague-al00ac00b205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003cprague-al00bc00b205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003cprague-al00cc00b205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003cprague-tl00ac01b205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003cprague-tl10ac01b205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "prague-tl10a",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "prague-tl00a",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "prague-al00c",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "prague-al00b",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "prague-al00a",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "prague-tl10a tl10ac01b205",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl00a tl00ac01b205",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00c al00cc00b205",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00b al00bc00b205",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00a al00ac00b205",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "BID",
"id": "101959"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:prague-al00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl10a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yonggang Guo",
"sources": [
{
"db": "BID",
"id": "101959"
}
],
"trust": 0.3
},
"cve": "CVE-2017-8202",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-8202",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-34228",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-8202",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8202",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-8202",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-34228",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-936",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot. Huawei Smartphone software contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei Glory 8 is a smartphone from China\u0027s Huawei company. Huawei Smart Phones are prone to a buffer-overflow vulnerability. \nAttackers can exploit this issue to reboot the system, denying service to legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8202"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "BID",
"id": "101959"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8202",
"trust": 3.3
},
{
"db": "BID",
"id": "101959",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-34228",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "BID",
"id": "101959"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"id": "VAR-201711-1017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
}
]
},
"last_update_date": "2025-04-20T23:24:50.351000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20171115-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en"
},
{
"title": "Huawei Glory 8 Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106219"
},
{
"title": "Huawei Honor 8 CameraISP Driver Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76646"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/101959"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8202"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8202"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171115-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "BID",
"id": "101959"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"db": "BID",
"id": "101959"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"date": "2017-11-15T00:00:00",
"db": "BID",
"id": "101959"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"date": "2017-11-22T19:29:05.083000",
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34228"
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "101959"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010816"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-936"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Buffer error vulnerability in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010816"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-936"
}
],
"trust": 0.6
}
}
VAR-201805-0209
Vulnerability from variot - Updated: 2024-11-23 22:52Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of the messages, successful exploit may cause information exposure. plural Huawei Smartphones contain a vulnerability related to input confirmation.Information may be obtained. HuaweiBerlin-L21HN and Prague-AL00A are all smartphone products of China Huawei. There are information disclosure vulnerabilities in various Huawei phones. Successful use of this vulnerability may result in partial disclosure of information due to failure to adequately verify the message
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prague-tl00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "tl00ac01b223"
},
{
"model": "prague-tl10a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "tl00ac01b223"
},
{
"model": "prague-al00c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "al00cc00b223"
},
{
"model": "prague-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "al00ac00b223"
},
{
"model": "prague-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "l31c432b208"
},
{
"model": "prague-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "al00bc00b223"
},
{
"model": "berlin-l21hn",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "l21hnc185b381"
},
{
"model": "berlin-l21hn",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00c",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-l31",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl10a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "berlin-l21hn the versions before berlin-l21hnc185b381",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00c the versions before prague-al00cc00b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-l31 the versions before prague-l31c432b208",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl00a the versions before prague-tl00ac01b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl10a the versions before prague-tl00ac01b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00a the versions before prague-al00ac00b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00b the versions before prague-al00bc00b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:berlin-l21hn_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-l31_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl10a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
}
]
},
"cve": "CVE-2017-17158",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-17158",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12842",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-17158",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17158",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17158",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-12842",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-315",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. When the user\u0027s smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of the messages, successful exploit may cause information exposure. plural Huawei Smartphones contain a vulnerability related to input confirmation.Information may be obtained. HuaweiBerlin-L21HN and Prague-AL00A are all smartphone products of China Huawei. There are information disclosure vulnerabilities in various Huawei phones. Successful use of this vulnerability may result in partial disclosure of information due to failure to adequately verify the message",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17158"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "CNVD",
"id": "CNVD-2018-12842"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17158",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-12842",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201712-315",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"id": "VAR-201805-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
}
]
},
"last_update_date": "2024-11-23T22:52:05.658000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180523-01-phone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-phone-en"
},
{
"title": "Patches for multiple Huawei mobile phone information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/134013"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-phone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17158"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17158"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180523-01-phone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"date": "2018-07-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"date": "2017-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"date": "2018-05-24T14:29:00.250000",
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12842"
},
{
"date": "2018-07-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013469"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-315"
},
{
"date": "2024-11-21T03:17:36.397000",
"db": "NVD",
"id": "CVE-2017-17158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to input confirmation in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013469"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-315"
}
],
"trust": 0.6
}
}
VAR-201803-1313
Vulnerability from variot - Updated: 2024-11-23 22:12The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. Huawei Smart Phone Software contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei Glory 8 Youth Edition is a smart phone device. The Huawei Glory 8 Youth Edition Bdat driver has an integer overflow vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prague-tl00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "prague-tl00ac01b211"
},
{
"model": "prague-tl10a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "prague-tl10ac01b211"
},
{
"model": "prague-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "prague-al00ac00b211"
},
{
"model": "prague-al00c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "prague-al00cc00b211"
},
{
"model": "prague-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "prague-al00bc00b211"
},
{
"model": "prague-al00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-al00c",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl00a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "prague-tl10a",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "glory youth edition \u003c=prague-al00ac00b211",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth version \u003c=prague-al00bc00b211",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003c=prague-al00cc00b211",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003c=prague-tl00ac01b211",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "glory youth edition \u003c=prague-tl10ac01b211",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:prague-al00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-al00c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:prague-tl10a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
}
]
},
"cve": "CVE-2017-15325",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-15325",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-06067",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-15325",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-15325",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-15325",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-06067",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-907",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-15325",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. Huawei Smart Phone Software contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei Glory 8 Youth Edition is a smart phone device. The Huawei Glory 8 Youth Edition Bdat driver has an integer overflow vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-15325"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "VULMON",
"id": "CVE-2017-15325"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-15325",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-06067",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-15325",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"id": "VAR-201803-1313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
}
]
},
"last_update_date": "2024-11-23T22:12:38.979000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180321-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
},
{
"title": "Huawei glory 8Bdat driver patch for integer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/122889"
},
{
"title": "Huawei glory 8 Youth version Bdat Fixes for driver digital error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79404"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15325"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15325"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"date": "2018-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"date": "2018-03-23T16:29:00.130000",
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06067"
},
{
"date": "2018-04-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-15325"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013017"
},
{
"date": "2018-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-907"
},
{
"date": "2024-11-21T03:14:28.067000",
"db": "NVD",
"id": "CVE-2017-15325"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Smart Phone Software integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-907"
}
],
"trust": 0.6
}
}