VAR-201804-1332
Vulnerability from variot - Updated: 2024-11-23 22:55Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded and run in the smart phone. Huawei AppGallery Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Huawei App Market. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of the launchApp method within the HiSpaceObject JavaScript interface. The issue lies in the lack of verification of the user-supplied arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Huawei AppGallery is a software integrated in Huawei mobile phones for downloading third-party applications from Huawei of China. There are security vulnerabilities in Huawei AppGallery versions earlier than 8.0.4.301
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1332",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "appgallery",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "8.0.4.301"
},
{
"model": "app market",
"scope": null,
"trust": 0.7,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:huawei:appgallery",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MWR Labs - Alex Plaskett James Loureiro Robert Miller and Georgi Geshev",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
}
],
"trust": 0.7
},
"cve": "CVE-2018-7932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2018-7932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-137964",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-7932",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7932",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7932",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-7932",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-1388",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137964",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "VULHUB",
"id": "VHN-137964"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded and run in the smart phone. Huawei AppGallery Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Huawei App Market. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of the launchApp method within the HiSpaceObject JavaScript interface. The issue lies in the lack of verification of the user-supplied arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Huawei AppGallery is a software integrated in Huawei mobile phones for downloading third-party applications from Huawei of China. There are security vulnerabilities in Huawei AppGallery versions earlier than 8.0.4.301",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7932"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "VULHUB",
"id": "VHN-137964"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7932",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5348",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-875",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137964",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "VULHUB",
"id": "VHN-137964"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"id": "VAR-201804-1332",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137964"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:55:54.202000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180423-01-app",
"trust": 1.5,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en"
},
{
"title": "Huawei AppGallery Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79670"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-345",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137964"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7932"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7932"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "VULHUB",
"id": "VHN-137964"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"db": "VULHUB",
"id": "VHN-137964"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"date": "2018-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-137964"
},
{
"date": "2018-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"date": "2018-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"date": "2018-04-24T15:29:00.993000",
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-875"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-137964"
},
{
"date": "2018-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004568"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1388"
},
{
"date": "2024-11-21T04:12:58.790000",
"db": "NVD",
"id": "CVE-2018-7932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AppGallery Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004568"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1388"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.