Vulnerabilites related to Huawei - Mate 20
var-202004-0619
Vulnerability from variot
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.
A denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0619",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sydneym-l03",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.217\\(c605e1r1p1t8\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e3r1p14t8\\)"
},
{
"model": "sydney-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.258\\(c636e1r1p1t8\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e1r1p9t8\\)"
},
{
"model": "y9 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.220\\(c605e3r1p1t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c605e2r1p12t8\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c185e10r2p1\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.330\\(c461e1r1p9t8\\)"
},
{
"model": "alp-l29",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.315\\(c636e5r1p13t8\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.131\\(c00e131r3p1\\)"
},
{
"model": "nova lite 3",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.305\\(c635e8r2p2\\)"
},
{
"model": "sydney-l22br",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.258\\(c636e1r1p1t8\\)"
},
{
"model": "sydneym-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.228\\(c00e78r1p7t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.259\\(c185e1r1p2t8\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c461e2r2p1\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c185e1r1p9t8\\)"
},
{
"model": "p20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e3r3p1\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e2r1p12t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c432e7r1p11t8\\)"
},
{
"model": "alp-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.135\\(c00e133r2p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e5r1p14t8\\)"
},
{
"model": "sydneym-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c432e4r1p1t8\\)"
},
{
"model": "paris-l21b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c432e1r1p2t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c461e3r1p11t8\\)"
},
{
"model": "columbia-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "paris-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c636e1r1p3t8\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.186\\(c00e180r2p1\\)"
},
{
"model": "berkeley-al20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "mate 20 rs",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.135\\(c786e133r3p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c185e3r1p12t8\\)"
},
{
"model": "charlotte-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e4r1p11t8\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.193"
},
{
"model": "jackman-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.247\\(c636e2r4p1t8\\)"
},
{
"model": "honor v20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.234\\(c00e234r4p3\\)"
},
{
"model": "sydneym-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.226\\(c605e2r1p1t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.321\\(c636e4r1p14t8\\)"
},
{
"model": "honor 10 lite",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.283\\(c605e8r2p2\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c636e3r2p1\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c782e2r1p1t8\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c636e2r1p12t8\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c605e4r1p12t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c636e7r1p13t8\\)"
},
{
"model": "p20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c636e2r2p1\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e4r1p11t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.302\\(c635e4r1p13t8\\)"
},
{
"model": "sydney-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c432e1r1p1t8\\)"
},
{
"model": "sydney-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c432e2r3p2\\)"
},
{
"model": "alp-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.300\\(c432e4r1p9t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e8r1p11t8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.152\\(c00e150r5p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "sydney-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.212\\(c00e62r1p7t8\\)"
},
{
"model": "cornell-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "sydney-l21br",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p2t8\\)"
},
{
"model": "honor 8x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.221\\(c461e2r1p1t8\\)"
},
{
"model": "honor magic2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.187"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c605e3r1p12t8\\)"
},
{
"model": "charlotte-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e8r1p11t8\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c432e3r1p12\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.335\\(c636e3r1p13t8\\)"
},
{
"model": "paris-l21meb",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c185e4r1p3t8\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e10r1p12t8\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.238\\(c432e1r3p1\\)"
},
{
"model": "sydneym-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.221\\(c461e1r1p1t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.220\\(c635e1r1p2t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.216\\(c569e1r1p1t8\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e4r1p13t8\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.270\\(c432e3r1p1t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.330\\(c432e6r1p12t8\\)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "9.1.0.350(c10e3r1p14t8)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "9.1.0.350(c636e4r1p13t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "9.1.0.302(c635e4r1p13t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "9.1.0.321(c636e4r1p14t8)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.333(c00e333r2p1t8)"
},
{
"model": "alp-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.300(c432e4r1p9t8)"
},
{
"model": "alp-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.315(c636e5r1p13t8)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.333(c00e333r2p1t8)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.351(c432e5r1p13t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.330(c432e6r1p12t8)"
},
{
"model": "honor10 lite \u003charry-al00c 9.1.0.217",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "y9 \u003cjackman-l23 9.1.0.220",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.1.18d(c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.106(c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.113(sp2c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.113(sp3c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.113(sp7c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.118(c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.120(sp2c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.125(sp1c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.125(sp3c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.126(sp2c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.126(sp5c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.127(sp1c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.128(sp2c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.129"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.129(sp2c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.153(c00)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.336(c00)"
},
{
"model": "alp-l09",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.105(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.111(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.112d(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.116(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.119(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.119d(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.122(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.132(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.132d(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.142(c00)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.151(c00)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.127(c432)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.0.0.137(c432)"
},
{
"model": "charlotte-l09c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c185e4r1p11t8)"
},
{
"model": "charlotte-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.325(c185e4r1p11t8)"
},
{
"model": "charlotte-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.335(c636e3r1p13t8)"
},
{
"model": "charlotte-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.336(c605e3r1p12t8)"
},
{
"model": "columbia-al10b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.163(c00)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.146(c461)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.148(c185)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.151(c10)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.151(c432)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.350(c10e5r1p14t8)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.350(c185e3r1p12t8)"
},
{
"model": "columbia-l29d",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.350(c461e3r1p11t8)"
},
{
"model": "cornell-l29a",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.328(c185e1r1p9t8)"
},
{
"model": "cornell-l29a",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.328(c432e1r1p9t8)"
},
{
"model": "cornell-l29a",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.328(c636e2r1p12t8)"
},
{
"model": "emily-l09c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l09c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c185e2r1p12t8)"
},
{
"model": "emily-l09c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.336(c605e4r1p12t8)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.132a(c432)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.135(c782)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.154(c10)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.154(c461)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.154(c635)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.156(c185)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.156(c605)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.159(c636)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c10e2r1p13t8)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c185e2r1p12t8)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c432e7r1p11t8)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c461e2r1p11t8)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.311(c605e2r1p12t8)"
},
{
"model": "ever-l29b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.0.0.206(c185e3r3p1)"
},
{
"model": "ever-l29b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.0.0.207(c636e3r2p1)"
},
{
"model": "ever-l29b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.0.0.208(c432e3r1p12)"
},
{
"model": "ever-l29b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.310(c432e3r1p12)"
},
{
"model": "ever-l29b",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.310(c636e3r2p1)"
},
{
"model": "honor 10 lite",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "honor 10 lite",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.217(c00e215r3p1)"
},
{
"model": "honor 8x",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "honor 8x",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.217(c00e15r3p2t8)"
},
{
"model": "honor magic2",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "honor magic2",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "10.0.0.175(c00e59r2p11)"
},
{
"model": "honor v20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "honor v20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.0.1.161(c00e161r2p2)"
},
{
"model": "jackman-l22",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.2.0.156(c636r2p2)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.135(c00e133r3p1)"
},
{
"model": "mate 20 rs",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.109"
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.120"
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.121"
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.128"
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.130"
},
{
"model": "p20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.1.0.171(c00)"
},
{
"model": "p20 pro",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-l21",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.213(c185e1r1p1t8)"
},
{
"model": "sydneym-l01",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.213(c185e1r1p1t8)"
},
{
"model": "sydneym-l01",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.215(c782e2r1p1t8)"
},
{
"model": "sydneym-l21",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.215(c432e4r1p1t8)"
},
{
"model": "sydneym-l22",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.216(c569e1r1p1t8)"
},
{
"model": "sydneym-l22",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.220(c635e1r1p2t8)"
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.2.0.160(c185r2p2)"
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.2.0.162(c605)"
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "8.2.0.163(c605)"
},
{
"model": "yale-l21a",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.154(c432e2r3p2)"
},
{
"model": "yale-l21a",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.154(c461e2r2p1)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.300\\(c432e4r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.315\\(c636e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.321\\(c636e4r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.330\\(c432e6r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.302\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.335\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.336\\(c605e3r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.330\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.336\\(c605e4r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e10r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c636e3r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c432e3r1p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.131\\(c00e131r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c185e10r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.135\\(c786e133r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.193",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.186\\(c00e180r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.220\\(c605e3r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.305\\(c635e8r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.283\\(c605e8r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.221\\(c461e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.238\\(c432e1r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.247\\(c636e2r4p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c432e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c185e4r1p3t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c636e1r1p3t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.212\\(c00e62r1p7t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c432e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.228\\(c00e78r1p7t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c782e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.270\\(c432e3r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.217\\(c605e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.221\\(c461e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c432e4r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.259\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.220\\(c635e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.216\\(c569e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.226\\(c605e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c432e2r3p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c461e2r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c636e2r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.152\\(c00e150r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.187",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.234\\(c00e234r4p3\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5303"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "These two vulnerabilities were discovered by Huawei internal testing.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5303",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015526",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.2,
"id": "CNVD-2019-44785",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CVE-2019-5303",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015526",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5303",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015526",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-44785",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-1092",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-5303",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5303",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-44785",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-5303",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"id": "VAR-202004-0619",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
}
],
"trust": 1.1818007292857142
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
}
]
},
"last_update_date": "2023-12-18T14:04:45.203000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190814-01-mobile",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability (CNVD-2019-44785)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/193773"
},
{
"title": "Huawei Honor10 Lite and Huawei Y9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96758"
},
{
"title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5303"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5303"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165364"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"date": "2020-04-27T20:15:12.397000",
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"date": "2019-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44785"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5303"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015526"
},
{
"date": "2020-05-05T17:37:35.897000",
"db": "NVD",
"id": "CVE-2019-5303"
},
{
"date": "2020-09-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Input verification vulnerabilities on smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015526"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1092"
}
],
"trust": 0.6
}
}
var-202012-1394
Vulnerability from variot
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.277\\(c605e7r1p5\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r3p8\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.270\\(c432e7r1p5\\)"
},
{
"model": "p30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.272\\(c635e4r2p2\\)"
},
{
"model": "hima-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.273\\(c185e5r2p4\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.126\\(c605e19r1p3\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.273\\(c185e7r2p4\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.126\\(c10e7r5p1\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.270\\(c635e3r1p5\\)"
},
{
"model": "hima-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.273\\(c636e5r2p4\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.230\\(c432e9r5p1\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.126\\(c636e5r3p4\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.123\\(c432e22r2p5\\)"
},
{
"model": "laya-al00ep",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c786e160r3p8\\)"
},
{
"model": "hima-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.275\\(c10e4r2p4\\)"
},
{
"model": "princeton-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p11\\)"
},
{
"model": "yale-tl00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c01e160r8p12\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.126\\(c185e4r7p1\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.277\\(c10e7r2p4\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "yale-l61a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.225\\(c432e3r1p2\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.126\\(c636e7r3p4\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.273\\(c636e7r2p4\\)"
},
{
"model": "tony-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p11\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.231\\(c10e3r3p2\\)"
},
{
"model": "yale-l61a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.226\\(c10e3r1p1\\)"
},
{
"model": "yalep-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r8p12\\)"
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "tony-al00b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "princeton-al10b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "laya-al00ep",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hima-l29c",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 x",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.270\\(c432e7r1p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:9.1.0.272\\(c635e4r2p2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.273\\(c185e5r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.225\\(c432e3r1p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-tl00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c01e160r8p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.273\\(c185e7r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.277\\(c10e7r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.277\\(c605e7r1p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.123\\(c432e22r2p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.126\\(c10e7r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.126\\(c185e4r7p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.126\\(c605e19r1p3\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.126\\(c636e5r3p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.126\\(c636e7r3p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.273\\(c636e5r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.275\\(c10e4r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.226\\(c10e3r1p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9247"
}
]
},
"cve": "CVE-2020-9247",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-9247",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-9247",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9247",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-1901",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9247",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"id": "VAR-202012-1394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.464622195
},
"last_update_date": "2023-12-18T12:55:45.679000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200729-03-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
},
{
"title": "Repair measures for Huawei buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=129041"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9247"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200729-03-smartphone-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"date": "2020-12-07T13:15:11.123000",
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"date": "2020-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-03T04:39:00",
"db": "JVNDB",
"id": "JVNDB-2020-014149"
},
{
"date": "2020-12-08T16:27:30.147000",
"db": "NVD",
"id": "CVE-2020-9247"
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1901"
}
],
"trust": 0.6
}
}
var-202004-0618
Vulnerability from variot
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.
A denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0618",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sydneym-l03",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.217\\(c605e1r1p1t8\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e3r1p14t8\\)"
},
{
"model": "sydney-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.258\\(c636e1r1p1t8\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e1r1p9t8\\)"
},
{
"model": "y9 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.220\\(c605e3r1p1t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c605e2r1p12t8\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c185e10r2p1\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.330\\(c461e1r1p9t8\\)"
},
{
"model": "alp-l29",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.315\\(c636e5r1p13t8\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.131\\(c00e131r3p1\\)"
},
{
"model": "nova lite 3",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.305\\(c635e8r2p2\\)"
},
{
"model": "sydney-l22br",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.258\\(c636e1r1p1t8\\)"
},
{
"model": "sydneym-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.228\\(c00e78r1p7t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.259\\(c185e1r1p2t8\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c461e2r2p1\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c185e1r1p9t8\\)"
},
{
"model": "p20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e3r3p1\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e2r1p12t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c432e7r1p11t8\\)"
},
{
"model": "alp-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.135\\(c00e133r2p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e5r1p14t8\\)"
},
{
"model": "sydneym-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c432e4r1p1t8\\)"
},
{
"model": "paris-l21b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c432e1r1p2t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c461e3r1p11t8\\)"
},
{
"model": "columbia-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "paris-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c636e1r1p3t8\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.186\\(c00e180r2p1\\)"
},
{
"model": "berkeley-al20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "mate 20 rs",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.135\\(c786e133r3p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c185e3r1p12t8\\)"
},
{
"model": "charlotte-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c185e4r1p11t8\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.193"
},
{
"model": "jackman-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.247\\(c636e2r4p1t8\\)"
},
{
"model": "honor v20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.234\\(c00e234r4p3\\)"
},
{
"model": "sydneym-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.226\\(c605e2r1p1t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.321\\(c636e4r1p14t8\\)"
},
{
"model": "honor 10 lite",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.283\\(c605e8r2p2\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c636e3r2p1\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c782e2r1p1t8\\)"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c636e2r1p12t8\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c605e4r1p12t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c636e7r1p13t8\\)"
},
{
"model": "p20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c636e2r2p1\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e4r1p11t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.302\\(c635e4r1p13t8\\)"
},
{
"model": "sydney-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.215\\(c432e1r1p1t8\\)"
},
{
"model": "sydney-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p1t8\\)"
},
{
"model": "yale-l21a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c432e2r3p2\\)"
},
{
"model": "alp-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.300\\(c432e4r1p9t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e8r1p11t8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.152\\(c00e150r5p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "sydney-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.212\\(c00e62r1p7t8\\)"
},
{
"model": "cornell-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "sydney-l21br",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.213\\(c185e1r1p2t8\\)"
},
{
"model": "honor 8x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.221\\(c461e2r1p1t8\\)"
},
{
"model": "honor magic2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.187"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c605e3r1p12t8\\)"
},
{
"model": "charlotte-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e8r1p11t8\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.310\\(c432e3r1p12\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.335\\(c636e3r1p13t8\\)"
},
{
"model": "paris-l21meb",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.331\\(c185e4r1p3t8\\)"
},
{
"model": "emily-l09c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.345\\(c432e10r1p12t8\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.238\\(c432e1r3p1\\)"
},
{
"model": "sydneym-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.221\\(c461e1r1p1t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.220\\(c635e1r1p2t8\\)"
},
{
"model": "sydneym-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.216\\(c569e1r1p1t8\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e4r1p13t8\\)"
},
{
"model": "sydneym-l01",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.270\\(c432e3r1p1t8\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.330\\(c432e6r1p12t8\\)"
},
{
"model": "alp-al00b",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.333(c00e333r2p1t8)"
},
{
"model": "alp-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.300(c432e4r1p9t8)"
},
{
"model": "alp-l29",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.315(c636e5r1p13t8)"
},
{
"model": "berkeley-al20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.333(c00e333r2p1t8)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.350(c10e3r1p14t8)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.350(c636e4r1p13t8)"
},
{
"model": "berkeley-l09",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.351(c432e5r1p13t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.302(c635e4r1p13t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.321(c636e4r1p14t8)"
},
{
"model": "bla-l29c",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.330(c432e6r1p12t8)"
},
{
"model": "honor10 lite \u003charry-al00c 9.1.0.217",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "y9 \u003cjackman-l23 9.1.0.220",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.300\\(c432e4r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.315\\(c636e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.321\\(c636e4r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.330\\(c432e6r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.302\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.335\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.336\\(c605e3r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.330\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.336\\(c605e4r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.345\\(c432e10r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c636e3r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c432e3r1p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.131\\(c00e131r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.310\\(c185e10r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.135\\(c786e133r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.193",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.186\\(c00e180r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.220\\(c605e3r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.305\\(c635e8r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.283\\(c605e8r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.221\\(c461e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.238\\(c432e1r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.247\\(c636e2r4p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c432e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c185e4r1p3t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.331\\(c636e1r1p3t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.212\\(c00e62r1p7t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c432e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.228\\(c00e78r1p7t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c782e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.270\\(c432e3r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.217\\(c605e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.221\\(c461e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.215\\(c432e4r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.259\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.220\\(c635e1r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.216\\(c569e1r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.226\\(c605e2r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c432e2r3p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c461e2r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c636e2r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.152\\(c00e150r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.187",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.234\\(c00e234r4p3\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5302"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "These two vulnerabilities were discovered by Huawei internal testing.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5302",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015525",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-33609",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CVE-2019-5302",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015525",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5302",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015525",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-33609",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-1095",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-5302",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing ",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5302",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-33609",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-5302",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"id": "VAR-202004-0618",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
}
],
"trust": 1.1818007292857142
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
}
]
},
"last_update_date": "2023-12-18T12:56:05.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190814-01-mobile",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/182801"
},
{
"title": "Huawei Honor10 Lite and Huawei Y9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96759"
},
{
"title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5302"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5302"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"date": "2020-04-27T20:15:12.337000",
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"date": "2019-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-33609"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5302"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015525"
},
{
"date": "2020-05-05T17:25:41.150000",
"db": "NVD",
"id": "CVE-2019-5302"
},
{
"date": "2020-09-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Input verification vulnerabilities on smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015525"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1095"
}
],
"trust": 0.6
}
}
var-202001-1007
Vulnerability from variot
HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8). HUAWEI Mate 20 Smartphones have an authentication vulnerability.Information obtained and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China's Huawei. Local attackers can use this vulnerability to leak information and affect the usability of the phone
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-1007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "eq",
"trust": 2.0,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.175\\(c00e70r3p8\\)"
},
{
"model": "mate 20",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "mate 20 firmware 10.0.0.175(c00e70r3p8)"
},
{
"model": "mate \u003c10.0.0.175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "10.0.0.175c00e70r3p8"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.139c00e133r3p1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.175\\(c00e70r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1840"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by Huawei internal testing.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
],
"trust": 0.6
},
"cve": "CVE-2020-1840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-1840",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-02969",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.0,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-1840",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1840",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-02969",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-779",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8). HUAWEI Mate 20 Smartphones have an authentication vulnerability.Information obtained and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China\u0027s Huawei. Local attackers can use this vulnerability to leak information and affect the usability of the phone",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "CNVD",
"id": "CNVD-2020-02969"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1840",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-02969",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"id": "VAR-202001-1007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
}
]
},
"last_update_date": "2023-12-18T12:17:26.572000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200115-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en"
},
{
"title": "Patch for Unknown vulnerability in Huawei Mate 20",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/197403"
},
{
"title": "Huawei Mate 20 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=107107"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Incorrect authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1840"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"date": "2020-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"date": "2020-01-21T19:15:14.020000",
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"date": "2020-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02969"
},
{
"date": "2020-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001478"
},
{
"date": "2020-01-29T17:17:11.133000",
"db": "NVD",
"id": "CVE-2020-1840"
},
{
"date": "2020-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI\u00a0Mate\u00a020\u00a0 Authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-779"
}
],
"trust": 0.6
}
}
var-202009-1319
Vulnerability from variot
HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service. Huawei Mate 20 is a smartphone launched by Huawei
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1319",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.163\\(c00e160r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.1.0.163 (c00e160r3p8)"
},
{
"model": "mate \u003c10.1.0.163",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.163\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9083"
}
]
},
"cve": "CVE-2020-9083",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010546",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-52403",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010546",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9083",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-010546",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-52403",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-250",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service. Huawei Mate 20 is a smartphone launched by Huawei",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "CNVD",
"id": "CNVD-2020-52403"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9083",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-52403",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "48891",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"id": "VAR-202009-1319",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
}
]
},
"last_update_date": "2023-12-18T13:12:50.031000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200902-03-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 denial of service vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/234322"
},
{
"title": "HUAWEI Mate 20 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=127983"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9083"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-9083"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48891"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"date": "2021-01-27T02:27:22",
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"date": "2020-09-03T19:15:12.353000",
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"date": "2020-09-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52403"
},
{
"date": "2021-01-27T02:27:22",
"db": "JVNDB",
"id": "JVNDB-2020-010546"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-9083"
},
{
"date": "2022-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Input verification vulnerabilities on smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010546"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-250"
}
],
"trust": 0.6
}
}
var-202004-0961
Vulnerability from variot
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. Huawei Mate 20 is a smart phone of the Chinese company Huawei.
Before Huawei Mate 20 10.0.0.188 (C00E74R3P8), there was an access control error vulnerability. The vulnerability stems from the system’s failure to properly restrict the modification of configuration files by specific users. An attacker can exploit a series of operations in ADB debugging mode. The vulnerability caused the application lock to be bypassed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0961",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.188(c00e74r3p8)"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.131(c00e131r3p1)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "9.1.0.139(c00e133r3p1)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "10.0.0.175(c00e70r3p8)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "10.0.0.185(c00e74r3p8)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1807"
}
]
},
"cve": "CVE-2020-1807",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-004654",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-27122",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1807",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.9,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-004654",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1807",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-004654",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-27122",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1954",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2020-1807",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user\u0027s modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. Huawei Mate 20 is a smart phone of the Chinese company Huawei. \n\r\n\r\nBefore Huawei Mate 20 10.0.0.188 (C00E74R3P8), there was an access control error vulnerability. The vulnerability stems from the system\u2019s failure to properly restrict the modification of configuration files by specific users. An attacker can exploit a series of operations in ADB debugging mode. The vulnerability caused the application lock to be bypassed",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1807",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-27122",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-1807",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"id": "VAR-202004-0961",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
}
]
},
"last_update_date": "2023-12-18T13:43:00.059000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200422-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 access control error vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/216753"
},
{
"title": "Huawei Mate 20 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116723"
},
{
"title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=daf6c3e6182f254486d0180254736189"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-863",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1807"
},
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1807"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200422-01-smartphone-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/180312"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"date": "2020-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"date": "2020-04-27T15:15:13.080000",
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27122"
},
{
"date": "2020-04-30T00:00:00",
"db": "VULMON",
"id": "CVE-2020-1807"
},
{
"date": "2020-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004654"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-1807"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004654"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1954"
}
],
"trust": 0.6
}
}
var-202003-1093
Vulnerability from variot
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.188(c00e74r3p8)"
},
{
"model": "mate 30 pro",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.203(c00e202r7p2)"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.0.0.203",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1794"
}
]
},
"cve": "CVE-2020-1794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003140",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-21998",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003140",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003140",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-21998",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1139",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "CNVD",
"id": "CNVD-2020-21998"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1794",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-21998",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1139",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"id": "VAR-202003-1093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
}
],
"trust": 1.23380308
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
}
]
},
"last_update_date": "2023-12-18T13:47:34.592000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200318-02-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-21998)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/213049"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1794"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1794"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"date": "2020-03-20T15:15:13.950000",
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21998"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003140"
},
{
"date": "2020-03-24T20:46:35.713000",
"db": "NVD",
"id": "CVE-2020-1794"
},
{
"date": "2020-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 and Mate 30 Pro Authentication vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003140"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1139"
}
],
"trust": 0.6
}
}
var-202008-1055
Vulnerability from variot
HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the device is affected. HUAWEI Mate 20 There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 20 is a smartphone of China's Huawei (Huawei) company. An attacker can use this vulnerability to achieve a successful connection when the object refuses the P2P connection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-1055",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.205\\(c00e205r2p1\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.0.0.205(c00e205r2p1)"
},
{
"model": "mate 9.0.0.205",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "NVD",
"id": "CVE-2020-9103"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:9.0.0.205\\(c00e205r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9103"
}
]
},
"cve": "CVE-2020-9103",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-009599",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-52406",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-009599",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9103",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-009599",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-52406",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "NVD",
"id": "CVE-2020-9103"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the device is affected. HUAWEI Mate 20 There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 20 is a smartphone of China\u0027s Huawei (Huawei) company. An attacker can use this vulnerability to achieve a successful connection when the object refuses the P2P connection",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "CNVD",
"id": "CNVD-2020-52406"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9103",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-52406",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202008-855",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"id": "VAR-202008-1055",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
}
]
},
"last_update_date": "2023-12-18T13:51:47.603000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200812-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-smartphone-en"
},
{
"title": "Patch for HUAWEI Mate 20 logic error vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/231265"
},
{
"title": "Huawei Mate 20 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126542"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9103"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9103"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"date": "2020-11-20T06:26:56",
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"date": "2020-08-17T15:15:15.340000",
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"date": "2020-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52406"
},
{
"date": "2020-11-20T06:26:56",
"db": "JVNDB",
"id": "JVNDB-2020-009599"
},
{
"date": "2020-08-21T18:20:47.780000",
"db": "NVD",
"id": "CVE-2020-9103"
},
{
"date": "2020-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009599"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-855"
}
],
"trust": 0.6
}
}
var-201911-0830
Vulnerability from variot
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China's Huawei company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0830",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "hima-al00b_9.1.0.135\\(c00e200r2p1\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "hima-al00b 9.1.0.135(c00e200r2p1)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "vogue-al00a 9.1.0.193(c00e190r1p12)"
},
{
"model": "p30",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "elle-al00b 9.1.0.193(c00e190r1p21)"
},
{
"model": "p30 \u003celle-al00b 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro \u003cvogue-al00a 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003chima-al00b 9.1.0.135",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e200r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5225"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by an external researcher.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5225",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-5225",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2019-41838",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-5225",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5225",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-41838",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-1747",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China\u0027s Huawei company",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "CNVD",
"id": "CNVD-2019-41838"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5225",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-41838",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"id": "VAR-201911-0830",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
}
],
"trust": 1.431770852
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
}
]
},
"last_update_date": "2023-12-18T11:59:18.486000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190821-02-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
},
{
"title": "Patch for Huawei P30, Mate 20, and P30 Pro Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/191711"
},
{
"title": "Huawei P30 , Mate 20 and P30 Pro Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=97331"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5225"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190821-02-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5225"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"date": "2019-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"date": "2019-11-29T20:15:11.753000",
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"date": "2019-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41838"
},
{
"date": "2019-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012618"
},
{
"date": "2019-12-06T21:25:40.120000",
"db": "NVD",
"id": "CVE-2019-5225"
},
{
"date": "2019-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Classic Buffer Overflow Vulnerability in Smartphone Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012618"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1747"
}
],
"trust": 0.6
}
}
var-202002-0214
Vulnerability from variot
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0214",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "android",
"scope": "eq",
"trust": 1.8,
"vendor": "google",
"version": "8.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.8,
"vendor": "google",
"version": "8.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "9.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "10.0"
},
{
"model": "p smart 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.180\\(c185e3r4p1\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(c00e85r2p8\\)"
},
{
"model": "honor 8a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.291\\(c185e3r4p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(c00e74r3p8\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(c636e3r4p3\\)"
},
{
"model": "p20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.162\\(c00e156r1p4\\)"
},
{
"model": "y9 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.264\\(c185e2r5p1t8\\)"
},
{
"model": "honor 8x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.183\\(c185e2r6p1\\)"
},
{
"model": "mate 30 5g",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "mate 30 pro 5g",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "p smart",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.193\\(c605e6r1p5t8\\)"
},
{
"model": "y6 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.290\\(c185e5r4p1\\)"
},
{
"model": "nova lite 3",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.322\\(c635e8r2p2\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.196\\(c185e7r2p4\\)"
},
{
"model": "mate 30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "y6 pro 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.290\\(c636e5r3p1\\)"
},
{
"model": "p20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.162\\(c00e156r1p4\\)"
},
{
"model": "nova 3",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.338\\(c00e333r1p1t8\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(c00e74r2p8\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.190\\(c432e22r2p5\\)"
},
{
"model": "mate 30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "android",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "9"
},
{
"model": "android",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "10"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "nu11secur1ty",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
}
],
"trust": 0.6
},
"cve": "CVE-2020-0022",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2020-0022",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-0022",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-0022",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-366",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-0022",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "VULMON",
"id": "CVE-2020-0022"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-0022",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "156891",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "45798",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "49115",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-0022",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"id": "VAR-202002-0214",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.585712201
},
"last_update_date": "2024-02-27T23:07:41.847000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android\u00a0 Public information about security \u00a0-\u00a02020\u00a0 Year \u00a02\u00a0 Moon",
"trust": 0.8,
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"title": "Android Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=110484"
},
{
"title": "Huawei Security Advisories: Security Advisory - Integer Overflow Vulnerability in Android affects Several Huawei Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=5ecb6a3686ddfa79c27cc2c950827f9f"
},
{
"title": "CVE-2020-0022\nUpdate 1\nUpdate 2",
"trust": 0.1,
"url": "https://github.com/marcinguy/cve-2020-0022 "
},
{
"title": "https://github.com/Polo35/CVE-2020-0022",
"trust": 0.1,
"url": "https://github.com/polo35/cve-2020-0022 "
},
{
"title": "Bluefrag_CVE-2020-0022",
"trust": 0.1,
"url": "https://github.com/k3vinlusec/bluefrag_cve-2020-0022 "
},
{
"title": "cve-2020-0022",
"trust": 0.1,
"url": "https://github.com/devdanqtuan/poc-for-cve-2020-0022 "
},
{
"title": "cve-2020-0022",
"trust": 0.1,
"url": "https://github.com/leommxj/cve-2020-0022 "
},
{
"title": "AndroidBlueFragCVE",
"trust": 0.1,
"url": "https://github.com/sharif-dev/androidbluefragcve "
},
{
"title": "cve-2020-0022",
"trust": 0.1,
"url": "https://github.com/5k1l/cve-2020-0022 "
},
{
"title": "CVE-2020-0022",
"trust": 0.1,
"url": "https://github.com/themmokhtar/cve-2020-0022 "
},
{
"title": "CVE-2020-14292: A bluetooth transport issue in COVIDSafe App",
"trust": 0.1,
"url": "https://github.com/alwentiu/cve-2020-14292 "
},
{
"title": "https://github.com/seemoo-lab/frankenstein",
"trust": 0.1,
"url": "https://github.com/seemoo-lab/frankenstein "
},
{
"title": "Protocol-Vulnerability\nRelated Resources\nContributors",
"trust": 0.1,
"url": "https://github.com/winmin/protocol-vul "
},
{
"title": "\u7b80\u4ecb\n\u5b89\u88c5\n\u4f7f\u7528\nhttpserver\u63a5\u53e3",
"trust": 0.1,
"url": "https://github.com/he1m4n6a/cve-db "
},
{
"title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
"trust": 0.1,
"url": "https://github.com/jeffromf/awesome-bluetooth-security321 "
},
{
"title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "\u6240\u6709\u6536\u96c6\u7c7b\u9879\u76ee\nAndroid\n\u76ee\u5f55\n\u8d44\u6e90\u6536\u96c6\n\u77e5\u540d\u5206\u6790\u5de5\u5177\n\u5404\u7c7bApp\nTopic\n\u5176\u4ed6\n\u5de5\u5177\n\u6587\u7ae0\n\u8d21\u732e",
"trust": 0.1,
"url": "https://github.com/alphaseclab/android-security "
},
{
"title": "OPSEC-Hall-of-fame \ud83d\ude0e",
"trust": 0.1,
"url": "https://github.com/offensive-penetration-security/opsec-hall-of-fame "
},
{
"title": "CVE-Mitre\nDownload single CVE",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/cve-mitre "
},
{
"title": "CVE-Mitre\nDownload single CVE",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/cve "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/soosmile/poc "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/02/07/android_bluetooth_flaw/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-682",
"trust": 1.0
},
{
"problemtype": "calculation error (CWE-682) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/156891/android-bluetooth-remote-denial-of-service.html"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2020/feb/10"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0022"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/45798"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200513-03-smartphone-cn"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/49115"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/682.html"
},
{
"trust": 0.1,
"url": "https://github.com/marcinguy/cve-2020-0022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"date": "2020-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"date": "2020-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"date": "2020-02-13T15:15:11.780000",
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-02T00:00:00",
"db": "VULMON",
"id": "CVE-2020-0022"
},
{
"date": "2024-02-27T07:11:00",
"db": "JVNDB",
"id": "JVNDB-2020-001993"
},
{
"date": "2020-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-366"
},
{
"date": "2024-02-02T13:50:38.707000",
"db": "NVD",
"id": "CVE-2020-0022"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android\u00a0 calculation error vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001993"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-366"
}
],
"trust": 0.6
}
}
var-202010-1173
Vulnerability from variot
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China's Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim's mobile phone before launching an attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-1173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate \u003c10.1.0.160",
"scope": "eq",
"trust": 1.2,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate \u003c10.1.0.160",
"scope": "eq",
"trust": 1.2,
"vendor": "huawei",
"version": "20x"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c01e160r2p8\\)"
},
{
"model": "laya-al00ep",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c786e160r3p8\\)"
},
{
"model": "tony-tl00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c01e160r2p11\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r3p8\\)"
},
{
"model": "tony-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p11\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c01e160r2p8\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "laya-al00ep",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 x",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "tony-al00b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "tony-tl00b",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "laya-al00ep \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "tony-al00b \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "tony-tl00b \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-tl00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c01e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9109"
}
]
},
"cve": "CVE-2020-9109",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 1.9,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-9109",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-68354",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-9109",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9109",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-68354",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1687",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-9109",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim\u0027s smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China\u0027s Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim\u0027s mobile phone before launching an attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "VULMON",
"id": "CVE-2020-9109"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9109",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-68354",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9109",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"id": "VAR-202010-1173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
}
],
"trust": 1.0861262925
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
}
]
},
"last_update_date": "2023-12-18T13:37:38.887000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200930-01-dos",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple Huawei Products (CNVD-2020-68354)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/241534"
},
{
"title": "HUAWEI Mate 20 and HUAWEI Mate 20 X and HUAWEI P30 Pro and HUAWEI Mate 20 RS And glory Magic2 Repair measures for data forgery problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131165"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Inadequate verification of data reliability (CWE-345) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9109"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200930-01-dos-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/345.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189257"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"date": "2020-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"date": "2021-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"date": "2020-10-12T14:15:14.340000",
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"date": "2020-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-68354"
},
{
"date": "2020-10-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9109"
},
{
"date": "2021-04-30T07:13:00",
"db": "JVNDB",
"id": "JVNDB-2020-012335"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-9109"
},
{
"date": "2020-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Insufficient verification vulnerability in data reliability in smartphone products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012335"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1687"
}
],
"trust": 0.6
}
}
var-202007-1264
Vulnerability from variot
HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. plural Huawei A past traversal vulnerability exists in smartphones.Information may be tampered with. Huawei Mate 20 and others are all smart phones of China's Huawei (Huawei) company.
There are security vulnerabilities in many Huawei products. The vulnerability is caused by the program's failure to correctly verify the path name of the process
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20 rs",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c786e160r3p8\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.135\\(c00e135r2p8\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r3p8\\)"
},
{
"model": "magic2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p11\\)"
},
{
"model": "magic 2",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.1.0.160(c00e160r2p11)"
},
{
"model": "mate 20 rs",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.1.0.160(c786e160r3p8)"
},
{
"model": "mate 20 x",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.1.0.135(c00e135r2p8)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.1.0.160(c00e160r3p8)"
},
{
"model": "mate \u003c10.1.0.160",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.1.0.277",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate \u003c10.1.0.135",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
},
{
"model": "mate rs porsche design",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20\u003c10.1.0.160"
},
{
"model": "honor magic2 \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.135\\(c00e135r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:magic2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:magic2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9252"
}
]
},
"cve": "CVE-2020-9252",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-008289",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-52401",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.3,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-008289",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9252",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-008289",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-52401",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-1112",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. plural Huawei A past traversal vulnerability exists in smartphones.Information may be tampered with. Huawei Mate 20 and others are all smart phones of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere are security vulnerabilities in many Huawei products. The vulnerability is caused by the program\u0027s failure to correctly verify the path name of the process",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "CNVD",
"id": "CNVD-2020-52401"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9252",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-52401",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1112",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"id": "VAR-202007-1264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
}
],
"trust": 1.308135315
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
}
]
},
"last_update_date": "2023-12-18T13:07:29.982000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200715-07-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en"
},
{
"title": "Patch for Path traversal vulnerabilities in multiple Huawei products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/234337"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9252"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9252"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200715-07-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"date": "2020-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"date": "2020-07-17T23:15:11.537000",
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"date": "2020-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-52401"
},
{
"date": "2020-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008289"
},
{
"date": "2020-07-22T20:06:57.393000",
"db": "NVD",
"id": "CVE-2020-9252"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Path traversal vulnerability in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008289"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1112"
}
],
"trust": 0.6
}
}
var-201911-0832
Vulnerability from variot
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC.
There are security vulnerabilities in various Huawei products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0832",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hisuite",
"scope": "lt",
"trust": 1.6,
"vendor": "huawei",
"version": "9.1.0.305"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)"
},
{
"model": "hisuite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 \u003celle-al00b 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro \u003cvogue-al00a 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003chima-al00b 9.1.0.135",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.305",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5227"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vendor",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5227",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5227",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-30711",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5227",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5227",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-30711",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-199",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. \n\nThere are security vulnerabilities in various Huawei products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "CNVD",
"id": "CNVD-2019-30711"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5227",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-30711",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "44307",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"id": "VAR-201911-0832",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
}
],
"trust": 1.431770852
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
}
]
},
"last_update_date": "2023-12-18T12:49:59.333000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190904-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"title": "Patch for Multiple Huawei product version downgrade vulnerabilities (CNVD-2019-30711)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/179201"
},
{
"title": "Multiple Huawei Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=97957"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-346",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5227"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190904-01-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5227"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/44307"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"date": "2019-11-29T20:15:11.863000",
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"date": "2019-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30711"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012739"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2019-5227"
},
{
"date": "2019-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to input confirmation in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-199"
}
],
"trust": 0.6
}
}
var-201812-0944
Vulnerability from variot
Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. plural Huawei In product Contains an access control vulnerability.Information may be obtained. Huawei VIP App is a pre-installed membership service application for mobile phones of China Huawei (Huawei)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0944",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vip app",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "4.0.5"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "nova 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "nova 3i",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 3",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 3i",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:huawei:vip_app:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_3i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_3i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7956"
}
]
},
"cve": "CVE-2018-7956",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-7956",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137988",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-7956",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7956",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-914",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-137988",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137988"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. plural Huawei In product Contains an access control vulnerability.Information may be obtained. Huawei VIP App is a pre-installed membership service application for mobile phones of China Huawei (Huawei)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "VULHUB",
"id": "VHN-137988"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7956",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137988",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137988"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"id": "VAR-201812-0944",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137988"
}
],
"trust": 0.6511364
},
"last_update_date": "2023-12-18T13:02:23.358000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20181129-01-huaweivip-en",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
},
{
"title": "Huawei VIP App Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87337"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137988"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7956"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7956"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-cn"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137988"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137988"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-137988"
},
{
"date": "2019-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"date": "2018-12-04T18:29:00.310000",
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"date": "2018-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-137988"
},
{
"date": "2019-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014330"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-7956"
},
{
"date": "2022-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei In product Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014330"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-914"
}
],
"trust": 0.6
}
}
var-201912-0803
Vulnerability from variot
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China's Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system's failure to adequately verify the path name from an application. information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0803",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.226\\(c00e210r2p1\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.226\\(c00e220r2p1\\)"
},
{
"model": "m6",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.1.150\\(c00e150r1p150\\)"
},
{
"model": "honor 20s",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.1.132\\(c00e131r6p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.139\\(c00e133r3p1\\)"
},
{
"model": "enjoy 7s",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.130\\(c00e115r2p8t8\\)"
},
{
"model": "honor v10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "honor 9 lite",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.130\\(c00e112r2p10t8\\)"
},
{
"model": "honor 9i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.120\\(c00e113r1p6t8\\)"
},
{
"model": "honor 9 lite",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.143\\(c636e5r1p5t8\\)"
},
{
"model": "enjoy 7s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 9 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 9i",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 10",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "m6",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor \u003c9.1.0.333",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v10"
},
{
"model": "p30 \u003c9.1.0.226",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "enjoy 7s",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.130"
},
{
"model": "mate \u003c9.1.0.139",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor lite \u003c9.1.0.130",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "honor lite \u003c9.1.0.143",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "honor 9i \u003c9.1.0.120",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "m6 \u003c9.1.1.150",
"scope": null,
"trust": 0.6,
"vendor": "ibaby",
"version": null
},
{
"model": "p30 pro \u003c9.1.0.226",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20s \u003c9.1.1.132",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.226\\(c00e220r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:enjoy_7s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.130\\(c00e115r2p8t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:enjoy_7s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.139\\(c00e133r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.143\\(c636e5r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.120\\(c00e113r1p6t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:m6_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.1.150\\(c00e150r1p150\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:m6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.226\\(c00e210r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.1.132\\(c00e131r6p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.130\\(c00e112r2p10t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5251"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by an external researcher. Huawei thanks the researcher for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5251",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-5251",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-02966",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-5251",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5251",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-02966",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-175",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China\u0027s Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system\u0027s failure to adequately verify the path name from an application. information",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "CNVD",
"id": "CNVD-2020-02966"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5251",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-02966",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"id": "VAR-201912-0803",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
}
],
"trust": 1.295306911
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
}
]
},
"last_update_date": "2023-12-18T13:13:10.975000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20191204-03-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
},
{
"title": "Patch for Multiple Huawei Product Path Traversal Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/197281"
},
{
"title": "Multiple Huawei Product path traversal vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=103979"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5251"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5251"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"date": "2019-12-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"date": "2019-12-13T15:15:11.317000",
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"date": "2019-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02966"
},
{
"date": "2019-12-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013191"
},
{
"date": "2019-12-18T16:13:27.443000",
"db": "NVD",
"id": "CVE-2019-5251"
},
{
"date": "2020-09-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability of past traversal in smartphone products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013191"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-175"
}
],
"trust": 0.6
}
}
var-202005-0668
Vulnerability from variot
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. Huawei Mate 20 is a smart phone of the Chinese company Huawei. The vulnerability stems from the fact that the healthy use of mobile phone functions does not adequately limit the duration of user use. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(sp31c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.195(sp31c00e74r3p8)"
},
{
"model": "mate \u003c10.0.0.195",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.195\\(sp31c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1831"
}
]
},
"cve": "CVE-2020-1831",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 1.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005965",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CNVD-2020-31279",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005965",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1831",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-005965",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-31279",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-1352",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. Huawei Mate 20 is a smart phone of the Chinese company Huawei. The vulnerability stems from the fact that the healthy use of mobile phone functions does not adequately limit the duration of user use. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "CNVD",
"id": "CNVD-2020-31279"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1831",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31279",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"id": "VAR-202005-0668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
}
]
},
"last_update_date": "2023-12-18T12:35:31.371000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200527-04-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 authorization issue vulnerability (CNVD-2020-31279)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/220025"
},
{
"title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119908"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1831"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1831"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200527-04-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"date": "2020-05-29T21:15:10.023000",
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"date": "2020-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31279"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005965"
},
{
"date": "2020-06-02T17:25:31.950000",
"db": "NVD",
"id": "CVE-2020-1831"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005965"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-1352"
}
],
"trust": 0.6
}
}
var-202003-1095
Vulnerability from variot
There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Huawei Mate 20 and Mate 30 Pro are smartphones of the Chinese company Huawei. This vulnerability stems from the system’s failure to properly authorize low-privilege users. Attackers can use this The vulnerability performs an unauthorized operation. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by improper authentication. An attacker could exploit this vulnerability, an attacker could exploit this vulnerability bypass security restrictions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1095",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 30 pro",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "mate 20",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.188(c00e74r3p8)"
},
{
"model": "mate 30 pro",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.203(c00e202r7p2)"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.0.0.203",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1796"
}
]
},
"cve": "CVE-2020-1796",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003136",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-22002",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1796",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003136",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1796",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003136",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-22002",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1155",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-1796",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Huawei Mate 20 and Mate 30 Pro are smartphones of the Chinese company Huawei. This vulnerability stems from the system\u2019s failure to properly authorize low-privilege users. Attackers can use this The vulnerability performs an unauthorized operation. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by improper authentication. An attacker could exploit this vulnerability, an attacker could exploit this vulnerability bypass security restrictions",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1796",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-22002",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-1796",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"id": "VAR-202003-1095",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
}
],
"trust": 1.23380308
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
}
]
},
"last_update_date": "2023-12-18T13:01:49.105000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200318-05-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/213041"
},
{
"title": "Huawei Mate 20 and Mate 30 Pro Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112631"
},
{
"title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=eb8ff91f7c4b0cfb1f64e43153793bcb"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1796"
},
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1796"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-05-smartphone-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/178027"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"date": "2020-03-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"date": "2020-03-20T15:15:14.107000",
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22002"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2020-1796"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003136"
},
{
"date": "2020-03-24T15:20:17.623000",
"db": "NVD",
"id": "CVE-2020-1796"
},
{
"date": "2020-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 and Mate 30 Pro Unauthorized authentication vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003136"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1155"
}
],
"trust": 0.6
}
}
var-202005-0618
Vulnerability from variot
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. Huawei Mate 20 is a smart phone of the Chinese company Huawei. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0618",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.185\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.185(c00e74r3p8)"
},
{
"model": "mate \u003c10.0.0.185",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.185\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1797"
}
]
},
"cve": "CVE-2020-1797",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005917",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31280",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005917",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1797",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-005917",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-31280",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-1350",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. Huawei Mate 20 is a smart phone of the Chinese company Huawei. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "CNVD",
"id": "CNVD-2020-31280"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1797",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31280",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"id": "VAR-202005-0618",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
}
]
},
"last_update_date": "2023-12-18T14:00:30.620000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200527-03-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 authorization issue vulnerability (CNVD-2020-31280)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/220047"
},
{
"title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119907"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-863",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1797"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1797"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200527-03-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"date": "2020-05-29T20:15:11.107000",
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"date": "2020-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31280"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005917"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-1797"
},
{
"date": "2020-06-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005917"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-1350"
}
],
"trust": 0.6
}
}
var-201907-0268
Vulnerability from variot
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2). Huawei Mate 20 is a smartphone from China's Huawei company. The vulnerability stems from insufficient system validation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "honor magic 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "tony-al00b\\/tony-tl00b_9.0.0.182\\(c00e180r2p2\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "hima-al00b\\/hima-tl00b_9.0.0.200\\(c00e200r2p1\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "ever-al00b_9.0.0.200\\(c00e200r2p1\\)"
},
{
"model": "honor magic 2",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "tony-al00b/tony-tl00b 9.0.0.182(c00e180r2p2)"
},
{
"model": "mate 20 x",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "ever-al00b 9.0.0.200(c00e200r2p1)"
},
{
"model": "mate 20",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "hima-al00b/hima-tl00b 9.0.0.200(c00e200r2p1)"
},
{
"model": "mate \u003cever-al00b 9.0.0.200",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
},
{
"model": "mate \u003chima-al00b/hima-tl00b 9.0.0.200",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
},
{
"model": "honor magic \u003ctony-al00b/tony-tl00b 9.0.0.182",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "ever-al00b_9.0.0.200\\(c00e200r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "hima-al00b\\/hima-tl00b_9.0.0.200\\(c00e200r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "tony-al00b\\/tony-tl00b_9.0.0.182\\(c00e180r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5220"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by Huawei internal testing.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5220",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5220",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-25751",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5220",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5220",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-25751",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-1047",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2). Huawei Mate 20 is a smartphone from China\u0027s Huawei company. The vulnerability stems from insufficient system validation",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "CNVD",
"id": "CNVD-2019-25751"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5220",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-25751",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"id": "VAR-201907-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
}
],
"trust": 1.5125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
}
]
},
"last_update_date": "2023-12-18T12:43:26.641000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190626-01-frp",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
},
{
"title": "Huawei Mate 20 X, Mate 20 and Honor Magic 2 security bypass vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/173069"
},
{
"title": "Huawei Mate 20 X , Mate 20 and Honor Magic 2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=94174"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "CWE-275",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190626-01-frp-cn"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5220"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5220"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"date": "2019-07-10T18:15:11.067000",
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"date": "2019-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25751"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006517"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-5220"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Product permission vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006517"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-1047"
}
],
"trust": 0.6
}
}
var-201908-1958
Vulnerability from variot
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. The issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.
This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 7) - aarch64, noarch, ppc64le
Bug Fix(es):
-
kernel modules pkey and paes_s390 are not available (BZ#1719192)
-
pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)
-
System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)
-
kernel: jump label transformation performance (BZ#1739143)
-
Backport i40e MDD detection removal for PFs (BZ#1747618)
-
7.5) - ppc64, ppc64le, x86_64
Bug Fix(es):
-
TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732810)
-
skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ#1733896)
-
[mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306)
-
use "make -jN" for modules_install (BZ#1735082)
-
Backport TCP follow-up for small buffers (BZ#1739128)
-
[FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740176)
-
RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745437)
-
RHEL7.6 - powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745439)
-
RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745447)
Bug Fix(es):
-
port show-kabi to python3 (BZ#1806924)
-
7.6) - ppc64le, x86_64
-
Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. 8) - aarch64, noarch, ppc64le, s390x, x86_64
-
7.3) - noarch, x86_64
Bug Fix(es):
-
kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3055-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3055 Issue date: 2019-10-15 CVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506 CVE-2019-10126 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
-
kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
-
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
-
kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fixes:
-
gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)
-
[FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)
-
high update_cfs_rq_blocked_load contention (BZ#1740180)
-
[Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)
-
kvm: backport cpuidle-haltpoll driver (BZ#1740192)
-
Growing unreclaimable slab memory (BZ#1741920)
-
[bnx2x] ping failed from pf to vf which has been attached to vm (BZ#1741926)
-
[Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)
-
Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)
-
RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)
-
RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ#1744444)
-
NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)
-
[Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)
-
NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)
-
[Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)
-
Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579)
-
[LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1752421)
Users of kernel are advised to upgrade to these updated packages, which fix these bugs.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
ppc64: bpftool-3.10.0-1062.4.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64.rpm perf-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm
ppc64le: bpftool-3.10.0-1062.4.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64le.rpm perf-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
s390x: bpftool-3.10.0-1062.4.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm kernel-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-headers-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.1.el7.s390x.rpm perf-3.10.0-1062.4.1.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm python-perf-3.10.0-1062.4.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm
ppc64le: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-20856 https://access.redhat.com/security/cve/CVE-2019-3846 https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/cve/CVE-2019-10126 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXaYG69zjgjWX9erEAQjA1Q/7Bte0lgWfI6xE9bw9FqrE7ZFw3Jq5bqV1 8PYYAZBFCLUHsC1HS33jiTGGaS5xbqR4yrtNCnZHLhsZU6w9avm0zDFW2CEzAwRC Uri5R30mCVtc2p3jsHupNKrKhzzkmKjz2J5gYn+ubX9Ok7ScxZZ8ucF9kJcSx7LL qswocd0lWkbjy/2MY0t6MCMnvoNvgOB1XEmQE5a9CHrHtKe9kEJcWJUht6vXqhZ4 SJYkMLDIsDYOXFsWBwZnKT0BVXNurS9+g7b7MX4ZaQATN5MD9x7jP7FYTIp8lhyJ NKOqa8/D5eFGKF3YlgySgqXZ22XT1MasENDJ7OS62lRQd+/eeznyK0CUOAtILLvH 1GTfXgz8nvMynX+ZKkiZv5+tEFCWFNKkHudYuzoirFa+p29l0YWW6SjfPN+c3NnE 9DLfZhqYuX2tcx3O8khxjS/okRh5mBFQvzXlWqyPmgqsbjP0L5R2YoPNMzzGB3OQ FA/QgjD8AD9Tn8+rZM+VeoWVYTwPT8OMv1wMEqOeJLIxR8/DiY42YEQiNBU2na4W AYajLwK6d3Ey+DV+/5YwjWWQOyyTxP9Q8F0xb61HdQmq1dILZJgFBmVR5ilxlpoJ sHiYCTKF/M8DbDGSWwZkD69ZPtBWPGvTI0XkgTIfhcTeF2BRL2UZkszrM72QjGqH OQh6hA3MyvA=zvD0 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Bug Fix(es):
-
kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3
watchOS 5.3 addresses the following:
Bluetooth Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero
Digital Touch Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8624: Natalie Silvanovich of Google Project Zero
FaceTime Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu
Foundation Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero
Heimdal Available for: Apple Watch Series 1 and later Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst
libxslt Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz
Messages Available for: Apple Watch Series 1 and later Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon
Messages Available for: Apple Watch Series 1 and later Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved validation. CVE-2019-8665: Michael Hernandez of XYZ Marketing
Quick Look Available for: Apple Watch Series 1 and later Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero
Siri Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
UIFoundation Available for: Apple Watch Series 1 and later Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Wallet Available for: Apple Watch Series 1 and later Impact: A user may inadvertently complete an in-app purchase while on the lock screen Description: The issue was addressed with improved UI handling. CVE-2019-8682: Jeff Braswell (JeffBraswell.com)
WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative CVE-2019-8672: Samuel Groß of Google Project Zero CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech CVE-2019-8683: lokihardt of Google Project Zero CVE-2019-8684: lokihardt of Google Project Zero CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL CVE-2019-8688: Insu Yun of SSLab at Georgia Tech CVE-2019-8689: lokihardt of Google Project Zero
Additional recognition
MobileInstallation We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1958",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sydneym-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c636e2r3p1\\)"
},
{
"model": "florida-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c636e6r1p5t8\\)"
},
{
"model": "atomu-l33",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.147\\(c605custc605d1\\)"
},
{
"model": "yale-al50a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.171\\(c10e2r3p1\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.143\\(c675e8r2p1\\)"
},
{
"model": "lelandp-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-l21b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-al00ic",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "p30 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "nova lite 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "yale-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c461e3r1p11t8\\)"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c636e2r1p12t8\\)"
},
{
"model": "sydney-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "lelandp-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-tl10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c432e2r5p1\\)"
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.338\\(c185e3r3p1\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.332\\(c432e5r1p13t8\\)"
},
{
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "cornell-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c782e10r1p9t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "sydney-l22br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.155\\(c10e2r3p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e3r1p13t8\\)"
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.158\\(c432e8r1p5t8\\)"
},
{
"model": "yale-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "atomu-l41",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.153\\(c461custc461d1\\)"
},
{
"model": "sydneym-l23",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.122\\(c09e7r1p5t8\\)"
},
{
"model": "florida-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c605e7r1p2t8\\)"
},
{
"model": "y7 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "jakarta-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-l22a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e5r1p9t8\\)"
},
{
"model": "ares-al10d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.156\\(c605\\)"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "ares-tl00c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c01e165r2p5t8\\)"
},
{
"model": "imanager neteco 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c432e6r1p5t8\\)"
},
{
"model": "harry-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "barca-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.366\\(c00\\)"
},
{
"model": "harry-tl00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "nova 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "madrid-tl00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "princeton-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "imanager neteco",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c636e2r1p13t8\\)"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.3"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "leland-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c185e2r5p1\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c185e2r1p13t8\\)"
},
{
"model": "potter-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.12.6"
},
{
"model": "cornell-al10ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e2r1p9t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e5r1p14t8\\)"
},
{
"model": "atomu-l42",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.155\\(c636custc636d1\\)"
},
{
"model": "y6 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "nova 5i pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "dura-tl00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.176\\(c01\\)"
},
{
"model": "columbia-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "figo-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c605e6r1p5t8\\)"
},
{
"model": "asoka-al00ax",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.1.181\\(c00e48r6p1\\)"
},
{
"model": "yale-l61c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "laya-al00ep",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.300\\(c605e2r1p12t8\\)"
},
{
"model": "johnson-tl00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.130\\(c01e115r2p8t8\\)"
},
{
"model": "nova 4",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "potter-al10a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-tl10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "p smart",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "dura-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.182\\(c00\\)"
},
{
"model": "tvos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"model": "figo-l31",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.122d\\(c652\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "leland-l32c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "princeton-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-l22c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-l31a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "columbia-tl00d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.186\\(c01gt\\)"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e4r1p13t8\\)"
},
{
"model": "leland-l42c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-l21meb",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cairogo-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "cairogo-l22c461b153"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.347\\(c432e1r1p9t8\\)"
},
{
"model": "y6 pro 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e7r1p13t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "virtualization host eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "florida-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c01e112r1p6t8\\)"
},
{
"model": "sydneym-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "sydney-l21br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "harry-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.341\\(c185e1r1p9t8\\)"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c185e6r1p5t8\\)"
},
{
"model": "columbia-al10i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.335\\(c675e8r1p9t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e2r1p12t8\\)"
},
{
"model": "sydneym-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "princeton-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c530e8r1p5t8\\)"
},
{
"model": "p20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-l42a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-al20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "honor 10 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-tl00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "p smart 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.307\\(c635e4r1p13t8\\)"
},
{
"model": "bla-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c786e320r2p1t8\\)"
},
{
"model": "honor 8a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "y5 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.326\\(c635e2r1p11t8\\)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "paris-l29b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "neo-al00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "katyusha-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "bla-tl00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c01e320r1p1t8\\)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e2r1p12t8\\)"
},
{
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "tony-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "tony-al00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "johnson-tl00f",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "p20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor view 10",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "y5 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor view 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.342\\(c461e1r1p9t8\\)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e3r1p14t8\\)"
},
{
"model": "sydneym-l03",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c636e2r3p1\\)"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c432e4r1p11t8\\)"
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c33e8r1p5t8\\)"
},
{
"model": "yale-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "sydneym-l01",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "dubai-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.190\\(c00r2p2\\)"
},
{
"model": "mate 20 x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c185e2r5p1\\)"
},
{
"model": "leland-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "alp-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "y6 prime 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "yalep-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-al00ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.141\\(c675custc675d1gt\\)"
},
{
"model": "lelandp-l22d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c605e2r1p11t8\\)"
},
{
"model": "leland-l32a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e7r1p11t8\\)"
},
{
"model": "p30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ares-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c185e3r1p12t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "cornell-al00i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e3r1p9t8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.149\\(c675e8r2p1\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.172\\(c432e2r5p1\\)"
},
{
"model": "london-al40ind",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 8x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "sydney-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e4r1p11t8\\)"
},
{
"model": "lelandp-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "madrid-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c10e8r1p5t8\\)"
},
{
"model": "florida-al20b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c00e112r1p6t8\\)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.5"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "nova 5",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c461e2r1p11t8\\)"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:blackberry:blackberry:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization_host_eus:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_aus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ares-tl00c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.165\\(c01e165r2p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ares-tl00c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:asoka-al00ax_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.1.181\\(c00e48r6p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:asoka-al00ax:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:atomu-l33_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.0.147\\(c605custc605d1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:atomu-l33:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:atomu-l41_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.0.153\\(c461custc461d1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:atomu-l41:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:atomu-l42_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.0.155\\(c636custc636d1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:atomu-l42:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.329\\(c786e320r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.300\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.329\\(c01e320r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.0.366\\(c00\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.332\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cairogo-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "cairogo-l22c461b153",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cairogo-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c605e2r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-al10i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.335\\(c675e8r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-tl00d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.1.0.186\\(c01gt\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al00i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.363\\(c675e3r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al00i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al00ind_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0.141\\(c675custc675d1gt\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al00ind:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-al10ind_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.363\\(c675e2r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-al10ind:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.336\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:dubai-al00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0.190\\(c00r2p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:dubai-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.182\\(c00\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:dura-tl00a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.176\\(c01\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:dura-tl00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.338\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l23_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.160\\(c605e6r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l23:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\\(c652\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-tl10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.130\\(c01e115r2p8t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-tl10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.128\\(c00e112r1p6t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.150\\(c185e6r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.150\\(c636e6r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-l23_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c605e7r1p2t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-l23:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.128\\(c01e112r1p6t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.143\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p_smart_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p_smart_2019_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p20_pro_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y5_2018_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y5_2018:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y5_lite_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y5_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y6_2019_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y6_prime_2018_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y6_prime_2018:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y6_pro_2019_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y7_2019_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y7_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:y9_2019_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_5i_pro_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_5i_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_lite_3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:harry-al00c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:harry-tl00c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_10_lite_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_view_10_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_view_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_view_20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:jakarta-al00a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:johnson-tl00d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:johnson-tl00f_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:katyusha-al00a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:katyusha-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:laya-al00ep_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l21a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l31a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l31a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l32a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l32c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l32c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l42a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l42a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-l42c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-l42c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-tl10b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:leland-tl10c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-al00c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-al10b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-al10d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-al10d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-l22a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-l22c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lelandp-l22d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:london-al40ind_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:london-al40ind:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:madrid-al00a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:madrid-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:madrid-tl00a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:madrid-tl00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:neo-al00d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-al00ic_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-al00ic:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l21meb_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:paris-l29b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:potter-al00c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:potter-al10a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:princeton-al10b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:princeton-al10d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:princeton-tl10c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-al00_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l21br_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-l22br_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydney-tl00_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-al00_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l01_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l03_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l21_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l22_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:sydneym-l23_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-al00b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-tl00b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-al00a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-al50a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l21a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-l61c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-l61c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yale-tl00b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:yalep-al10b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:imanager_neteco_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.306\\(c185e2r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.306\\(c432e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.306\\(c636e2r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.307\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c432e5r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c782e10r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.350\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.341\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.342\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.347\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.311\\(c461e2r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.325\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.326\\(c635e2r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.328\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.122\\(c09e7r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.137\\(c33e8r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.137\\(c530e8r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.158\\(c432e8r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.165\\(c10e8r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.150\\(c432e6r1p5t8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.149\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.154\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.155\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.170\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.170\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.171\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.172\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155147"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154863"
},
{
"db": "PACKETSTORM",
"id": "154862"
},
{
"db": "PACKETSTORM",
"id": "154879"
}
],
"trust": 0.9
},
"cve": "CVE-2019-9506",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-160941",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-9506",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "cret@cert.org",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160941",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThe issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 7) - aarch64, noarch, ppc64le\n\n3. \n\nBug Fix(es):\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different\n(BZ#1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware\nInterrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi)\n(BZ#1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)\n\n4. 7.5) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* TCP packets are segmented when sent to the VLAN device when coming from\nVXLAN dev. (BZ#1732810)\n\n* skb head copy occurs when sending traffic over OVS managed VXLAN tunnel\n(BZ#1733896)\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306)\n\n* use \"make -jN\" for modules_install (BZ#1735082)\n\n* Backport TCP follow-up for small buffers (BZ#1739128)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740176)\n\n* RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations /\npowerpc/rtas: Fix a potential race between CPU-Offline \u0026 Migration (LPM)\n(BZ#1745437)\n\n* RHEL7.6 - powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745439)\n\n* RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen\nduring LPM (POWER9/P9) (BZ#1745447)\n\n4. \n\nBug Fix(es):\n\n* port show-kabi to python3 (BZ#1806924)\n\n4. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. 7.3) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2019:3055-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3055\nIssue date: 2019-10-15\nCVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506\n CVE-2019-10126\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fixes:\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows\nServer 2019. (BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm\n(BZ#1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with \u003e\n240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid\n(BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6\naddress (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system\n(BZ#1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application\nfailure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but\nthe VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP connection\nsetup and may cause DoS type reconnect problem in complex network\nenvironments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to\nsupport bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group\n(BZ#1752421)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix\nthese bugs. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c\n1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c\n1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1062.4.1.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1062.4.1.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1062.4.1.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-devel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-headers-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1062.4.1.el7.s390x.rpm\nperf-3.10.0-1062.4.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\npython-perf-3.10.0-1062.4.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-20856\nhttps://access.redhat.com/security/cve/CVE-2019-3846\nhttps://access.redhat.com/security/cve/CVE-2019-9506\nhttps://access.redhat.com/security/cve/CVE-2019-10126\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXaYG69zjgjWX9erEAQjA1Q/7Bte0lgWfI6xE9bw9FqrE7ZFw3Jq5bqV1\n8PYYAZBFCLUHsC1HS33jiTGGaS5xbqR4yrtNCnZHLhsZU6w9avm0zDFW2CEzAwRC\nUri5R30mCVtc2p3jsHupNKrKhzzkmKjz2J5gYn+ubX9Ok7ScxZZ8ucF9kJcSx7LL\nqswocd0lWkbjy/2MY0t6MCMnvoNvgOB1XEmQE5a9CHrHtKe9kEJcWJUht6vXqhZ4\nSJYkMLDIsDYOXFsWBwZnKT0BVXNurS9+g7b7MX4ZaQATN5MD9x7jP7FYTIp8lhyJ\nNKOqa8/D5eFGKF3YlgySgqXZ22XT1MasENDJ7OS62lRQd+/eeznyK0CUOAtILLvH\n1GTfXgz8nvMynX+ZKkiZv5+tEFCWFNKkHudYuzoirFa+p29l0YWW6SjfPN+c3NnE\n9DLfZhqYuX2tcx3O8khxjS/okRh5mBFQvzXlWqyPmgqsbjP0L5R2YoPNMzzGB3OQ\nFA/QgjD8AD9Tn8+rZM+VeoWVYTwPT8OMv1wMEqOeJLIxR8/DiY42YEQiNBU2na4W\nAYajLwK6d3Ey+DV+/5YwjWWQOyyTxP9Q8F0xb61HdQmq1dILZJgFBmVR5ilxlpoJ\nsHiYCTKF/M8DbDGSWwZkD69ZPtBWPGvTI0XkgTIfhcTeF2BRL2UZkszrM72QjGqH\nOQh6hA3MyvA=zvD0\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBug Fix(es):\n\n* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-8-13-3 Additional information for\nAPPLE-SA-2019-7-22-4 watchOS 5.3\n\nwatchOS 5.3 addresses the following:\n\nBluetooth\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole\nTippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDigital Touch\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\nFaceTime\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nHeimdal\nAvailable for: Apple Watch Series 1 and later\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nlibxslt\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: Users removed from an iMessage conversation may still be able\nto alter state\nDescription: This issue was addressed with improved checks. \nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of\nUniversity of Oregon\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may cause an unexpected application\ntermination\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\nQuick Look\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSiri\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nUIFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nWallet\nAvailable for: Apple Watch Series 1 and later\nImpact: A user may inadvertently complete an in-app purchase while on\nthe lock screen\nDescription: The issue was addressed with improved UI handling. \nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2019-8658: akayn working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-8669: akayn working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\nCVE-2019-8683: lokihardt of Google Project Zero\nCVE-2019-8684: lokihardt of Google Project Zero\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,\nKen Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,\nand Eric Lung (@Khlung1) of VXRL\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\nCVE-2019-8689: lokihardt of Google Project Zero\n\nAdditional recognition\n\nMobileInstallation\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their\nassistance. \n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155147"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154863"
},
{
"db": "PACKETSTORM",
"id": "154862"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154056"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9506",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#918987",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "157216",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0141",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1189",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4676",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0262",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3115",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4252",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1338",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4584",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156058",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-27173",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155017",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155004",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154949",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154936",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-160941",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155005",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155147",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154863",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154862",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154056",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155147"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154863"
},
{
"db": "PACKETSTORM",
"id": "154862"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"id": "VAR-201908-1958",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
}
],
"trust": 0.5494931403571428
},
"last_update_date": "2024-07-23T21:39:23.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bluetooth Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96553"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193187 - security advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193231 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192975 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193165 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193218 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20201460 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193220 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193089 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193055 - security advisory"
},
{
"title": "Red Hat: Important: kernel-alt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193217 - security advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193076 - security advisory"
},
{
"title": "Red Hat: CVE-2019-9506",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2019-9506"
},
{
"title": "Cisco: Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth"
},
{
"title": "HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03634"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20200204 - security advisory"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193517 - security advisory"
},
{
"title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193309 - security advisory"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4147-1"
},
{
"title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=fg-ir-19-224"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4115-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4115-1"
},
{
"title": "Ubuntu Security Notice: linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4118-1"
},
{
"title": "knob",
"trust": 0.1,
"url": "https://github.com/francozappa/knob "
},
{
"title": "bluetooth-KNOB",
"trust": 0.1,
"url": "https://github.com/u10427687/bluetooth-knob "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/makaubenson/fix-bt-ubuntu "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/winterheart/broadcom-bt-firmware "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/alexandrbing/broadcom-bt-firmware "
},
{
"title": "Protocol-Vul",
"trust": 0.1,
"url": "https://github.com/winmin/protocol-vul "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/jeffromf/awesome-bluetooth-security321 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2020:0204"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2975"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3055"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3076"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3089"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3187"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3217"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3218"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3231"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3517"
},
{
"trust": 1.8,
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"trust": 1.8,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/11"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/13"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/14"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/15"
},
{
"trust": 1.8,
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"trust": 1.8,
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3165"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3220"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3309"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
},
{
"trust": 0.9,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2019-9506"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1338/"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27173"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210353"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210346"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0262/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3115/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1189/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2018-20856"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-10126"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-3846"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3846"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/francozappa/knob"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/918987"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11810"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-1125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1125"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/4329821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:1460"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7222"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3874"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13233"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11599"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3874"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13233"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3460"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3460"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1593"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-7222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19985"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8659"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8669"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8658"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8683"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8682"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8689"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155147"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154863"
},
{
"db": "PACKETSTORM",
"id": "154862"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155147"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154863"
},
{
"db": "PACKETSTORM",
"id": "154862"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-160941"
},
{
"date": "2019-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"date": "2019-10-29T14:49:28",
"db": "PACKETSTORM",
"id": "155005"
},
{
"date": "2019-10-08T20:44:06",
"db": "PACKETSTORM",
"id": "154779"
},
{
"date": "2020-04-14T15:40:41",
"db": "PACKETSTORM",
"id": "157216"
},
{
"date": "2019-10-29T14:59:12",
"db": "PACKETSTORM",
"id": "155017"
},
{
"date": "2019-11-06T15:49:15",
"db": "PACKETSTORM",
"id": "155147"
},
{
"date": "2019-10-29T14:48:28",
"db": "PACKETSTORM",
"id": "155004"
},
{
"date": "2019-10-15T22:22:11",
"db": "PACKETSTORM",
"id": "154863"
},
{
"date": "2019-10-15T22:21:55",
"db": "PACKETSTORM",
"id": "154862"
},
{
"date": "2019-10-16T15:06:37",
"db": "PACKETSTORM",
"id": "154879"
},
{
"date": "2019-08-14T20:32:22",
"db": "PACKETSTORM",
"id": "154056"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"date": "2019-08-14T17:15:11.597000",
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-160941"
},
{
"date": "2021-11-04T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"date": "2021-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"date": "2021-11-04T15:58:19.197000",
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bluetooth BR/EDR Encryption problem vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
}
}
var-202010-1183
Vulnerability from variot
HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. HUAWEI Mate 20 Is vulnerable to injection.Information may be tampered with. Huawei Mate 20 is a smartphone of China's Huawei (Huawei) company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-1183",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.163\\(c00e160r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "mate 20 firmware 10.1.0.163(c00e160r3p8) less than"
},
{
"model": "mate \u003c10.1.0.163",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.163\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9092"
}
]
},
"cve": "CVE-2020-9092",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-9092",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-58217",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-9092",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9092",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-58217",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-636",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-9092",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. HUAWEI Mate 20 Is vulnerable to injection.Information may be tampered with. Huawei Mate 20 is a smartphone of China\u0027s Huawei (Huawei) company",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "VULMON",
"id": "CVE-2020-9092"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9092",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-58217",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9092",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"id": "VAR-202010-1183",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
}
]
},
"last_update_date": "2023-12-18T13:18:03.987000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20201014-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-smartphone-en"
},
{
"title": "Patch for HUAWEI Mate 20 JavaScript injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/237439"
},
{
"title": "HUAWEI Mate20 Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131281"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "injection (CWE-74) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9092"
},
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-smartphone-en"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-01-smartphone-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"date": "2020-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"date": "2021-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"date": "2020-10-19T20:15:13.087000",
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"date": "2020-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-58217"
},
{
"date": "2020-10-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9092"
},
{
"date": "2021-05-10T07:32:00",
"db": "JVNDB",
"id": "JVNDB-2020-012480"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-9092"
},
{
"date": "2020-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI\u00a0Mate\u00a020\u00a0 Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012480"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-636"
}
],
"trust": 0.6
}
}
var-201911-0258
Vulnerability from variot
Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation. The vulnerability stems from the system's improper restrictions on some operations of users in ADB mode. An attacker could use this vulnerability to switch to a third-party desktop
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20 rs",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.135\\(c786e133r3p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.135(c786e133r3p1)"
},
{
"model": "mate rs \u003c9.1.0.135",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.135\\(c786e133r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5308"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by Huawei internal testing.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5308",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5308",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-44560",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5308",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5308",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2019-44560",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1460",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2019-5308",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation. The vulnerability stems from the system\u0027s improper restrictions on some operations of users in ADB mode. An attacker could use this vulnerability to switch to a third-party desktop",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5308",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-44560",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-5308",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"id": "VAR-201911-0258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
}
],
"trust": 1.4214285649999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
}
]
},
"last_update_date": "2023-12-18T12:43:15.138000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20191127-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 RS improper authorization vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/193523"
},
{
"title": "Huawei Mate 20 RS Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=103729"
},
{
"title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=705b2901adfc0c7fd70974844b866423"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-863",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5308"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191127-01-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5308"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"date": "2019-11-29T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"date": "2019-11-29T21:15:11.480000",
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"date": "2019-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44560"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5308"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012686"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-5308"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mate 20 RS Unauthorized authentication vulnerability in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012686"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1460"
}
],
"trust": 0.6
}
}
var-202003-1092
Vulnerability from variot
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1092",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.188(c00e74r3p8)"
},
{
"model": "mate 30 pro",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.203(c00e202r7p2)"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.0.0.203",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1793"
}
]
},
"cve": "CVE-2020-1793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003319",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-22000",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003319",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1793",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003319",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-22000",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1146",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "CNVD",
"id": "CNVD-2020-22000"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1793",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-22000",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1146",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"id": "VAR-202003-1092",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
}
],
"trust": 1.23380308
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
}
]
},
"last_update_date": "2023-12-18T13:07:40.006000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200318-02-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-22000)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/213045"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1793"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1793"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"date": "2020-03-20T15:15:13.857000",
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22000"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003319"
},
{
"date": "2020-03-25T13:30:41.613000",
"db": "NVD",
"id": "CVE-2020-1793"
},
{
"date": "2020-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 and Mate 30 Pro Authentication vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003319"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1146"
}
],
"trust": 0.6
}
}
var-202002-0574
Vulnerability from variot
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. Huawei Mate 20 is a smartphone from China's Huawei
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0574",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "eq",
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.185\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.185(c00e74r3p8)"
},
{
"model": "mate \u003c10.0.0.185",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "10.0.0.175c00e70r3p8"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.139c00e133r3p1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.185\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1791"
}
]
},
"cve": "CVE-2020-1791",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002089",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-14858",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002089",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1791",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-002089",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-14858",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-415",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. Huawei Mate 20 is a smartphone from China\u0027s Huawei",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "CNVD",
"id": "CNVD-2020-14858"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1791",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-14858",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"id": "VAR-202002-0574",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
}
]
},
"last_update_date": "2023-12-18T12:49:50.747000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200205-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 Licensing Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/206273"
},
{
"title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=110185"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-863",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1791"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1791"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200205-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"date": "2020-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"date": "2020-02-18T03:15:11.060000",
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"date": "2020-02-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14858"
},
{
"date": "2020-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002089"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-1791"
},
{
"date": "2020-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002089"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-415"
}
],
"trust": 0.6
}
}
var-201911-0831
Vulnerability from variot
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. There are security vulnerabilities in various Huawei products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0831",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hisuite",
"scope": "lt",
"trust": 1.6,
"vendor": "huawei",
"version": "9.1.0.305"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)"
},
{
"model": "hisuite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 \u003celle-al00b 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro \u003cvogue-al00a 9.1.0.193",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003chima-al00b 9.1.0.135",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.305",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5226"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vendor",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5226",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5226",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-30710",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5226",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5226",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-30710",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-205",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. There are security vulnerabilities in various Huawei products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "CNVD",
"id": "CNVD-2019-30710"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5226",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-30710",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "44306",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"id": "VAR-201911-0831",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
}
],
"trust": 1.431770852
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
}
]
},
"last_update_date": "2023-12-18T13:07:49.161000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190904-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"title": "Patches for multiple Huawei product version downgrade vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/179199"
},
{
"title": "Multiple Huawei Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=97962"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-346",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5226"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190904-01-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5226"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/44306"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"date": "2019-11-29T19:15:12.057000",
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"date": "2019-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30710"
},
{
"date": "2019-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012738"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2019-5226"
},
{
"date": "2019-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to input confirmation in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012738"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-205"
}
],
"trust": 0.6
}
}
var-202107-0370
Vulnerability from variot
There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1);HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1). Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tony-al00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.257\\(c00e222r2p1\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.139\\(c00e133r3p1\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.188\\(c185e10r2p1\\)"
},
{
"model": "laya-al00ep",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.139\\(c786e133r3p1\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.195\\(c01e195r2p1\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.278\\(c185e10r2p1\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.245\\(c10e10r2p1\\)"
},
{
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.105\\(c185e9r1p16\\)"
},
{
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.105\\(c10e9r1p16\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.187\\(c432e10r1p16\\)"
},
{
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.105\\(c636e9r1p16\\)"
},
{
"model": "oxfords-an00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.223\\(c00e210r5p1\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.267\\(c636e10r2p1\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.266\\(c432e10r1p16\\)"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "9.0.0.268\\(c635e12r1p16\\)"
},
{
"model": "laya-al00ep",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hima-l29c",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:9.0.0.195\\(c01e195r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:9.1.0.139\\(c00e133r3p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.187\\(c432e10r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.188\\(c185e10r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.245\\(c10e10r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.266\\(c432e10r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.267\\(c636e10r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.268\\(c635e12r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.278\\(c185e10r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:9.0.0.105\\(c10e9r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:9.0.0.105\\(c185e9r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:hima-l29c_firmware:9.0.0.105\\(c636e9r1p16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:laya-al00ep_firmware:9.1.0.139\\(c786e133r3p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oxfords-an00a_firmware:10.1.0.223\\(c00e210r5p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oxfords-an00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:tony-al00b_firmware:9.1.0.257\\(c00e222r2p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-22440"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vulnerability was discovered by an external researcher",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
}
],
"trust": 0.6
},
"cve": "CVE-2021-22440",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-22440",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-22440",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-22440",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-2021",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-22440",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1);HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1). Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-22440"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-22440",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021070201",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-2021",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-22440",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"id": "VAR-202107-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37083333500000004
},
"last_update_date": "2023-12-18T10:44:10.313000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20210630-01-pathtraversal",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-en"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22440"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021070201"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-cn"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-13T00:00:00",
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"date": "2022-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"date": "2021-07-13T12:15:09.847000",
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"date": "2021-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "VULMON",
"id": "CVE-2021-22440"
},
{
"date": "2022-04-18T07:03:00",
"db": "JVNDB",
"id": "JVNDB-2021-009235"
},
{
"date": "2021-07-15T22:28:16.663000",
"db": "NVD",
"id": "CVE-2021-22440"
},
{
"date": "2021-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-2021"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Path traversal vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009235"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-2021"
}
],
"trust": 0.6
}
}
var-202001-0900
Vulnerability from variot
HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user's desktop in an instant, without unlocking the screen lock of the host user. HUAWEI Mate 20 Smartphones contain an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China's Huawei. The vulnerability stems from logical errors in the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0900",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "eq",
"trust": 2.0,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.139\\(c00e133r3p1\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "mate 20 firmware 9.1.0.139(c00e133r3p1)"
},
{
"model": "mate pro \u003c9.1.0.139",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.0.139\\(c00e133r3p1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ding Yicong",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
],
"trust": 0.6
},
"cve": "CVE-2020-1787",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2020-1787",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-02173",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-1787",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1787",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-02173",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-270",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user\u0027s desktop in an instant, without unlocking the screen lock of the host user. HUAWEI Mate 20 Smartphones contain an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China\u0027s Huawei. The vulnerability stems from logical errors in the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "CNVD",
"id": "CNVD-2020-02173"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1787",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-02173",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"id": "VAR-202001-0900",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
}
],
"trust": 1.1999529
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
}
]
},
"last_update_date": "2023-12-18T13:52:04.716000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200108-02-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 inappropriate authentication vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/197023"
},
{
"title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=106609"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Incorrect authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200108-02-smartphone-cn"
},
{
"trust": 1.0,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1787"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"date": "2020-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"date": "2020-01-09T17:15:12.400000",
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02173"
},
{
"date": "2020-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001494"
},
{
"date": "2020-01-29T21:33:43.037000",
"db": "NVD",
"id": "CVE-2020-1787"
},
{
"date": "2020-01-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI\u00a0Mate\u00a020\u00a0 Authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001494"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-270"
}
],
"trust": 0.6
}
}
var-201906-0114
Vulnerability from variot
Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal. Huawei Mate20 Smartphones contain a vulnerability related to out-of-bounds reading.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate20 is a smartphone from China's Huawei company. The vulnerability stems from a failure to adequately verify user input that could allow an attacker to cause a device exception
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0114",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "hma-al00c00b175"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "hma-al00c00b175"
},
{
"model": "mate20 \u003chma-al00c00b175",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "hma-al00c00b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5296"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei internal testing",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5296",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 1.7,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5296",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-04937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 3.9,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5296",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5296",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2019-04937",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-789",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal. Huawei Mate20 Smartphones contain a vulnerability related to out-of-bounds reading.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate20 is a smartphone from China\u0027s Huawei company. The vulnerability stems from a failure to adequately verify user input that could allow an attacker to cause a device exception",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "CNVD",
"id": "CNVD-2019-04937"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5296",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-04937",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"id": "VAR-201906-0114",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
}
]
},
"last_update_date": "2023-12-18T12:28:14.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20190220-01-phone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en"
},
{
"title": "HuaweiMate20 Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/154133"
},
{
"title": "Huawei Mate20 Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89584"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5296"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5296"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190220-01-phone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"date": "2019-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"date": "2019-06-04T18:29:00.910000",
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"date": "2019-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04937"
},
{
"date": "2019-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005141"
},
{
"date": "2019-06-05T16:21:40.107000",
"db": "NVD",
"id": "CVE-2019-5296"
},
{
"date": "2019-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Mate20 Smartphone out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005141"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-789"
}
],
"trust": 0.6
}
}
var-202010-1177
Vulnerability from variot
HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. HUAWEI Mate 20 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HUAWEI Mate 20 is a smart phone launched by Huawei. The vulnerability stems from insufficient input validation. An attacker can use this vulnerability to implement code execution through a specially crafted Bluetooth message after successful pairing
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-1177",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "mate 20 firmware 10.0.0.188(c00e74r3p8) less than"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9113"
}
]
},
"cve": "CVE-2020-9113",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-9113",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2020-57586",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-9113",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9113",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2020-57586",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-640",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-9113",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. HUAWEI Mate 20 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HUAWEI Mate 20 is a smart phone launched by Huawei. The vulnerability stems from insufficient input validation. An attacker can use this vulnerability to implement code execution through a specially crafted Bluetooth message after successful pairing",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "VULMON",
"id": "CVE-2020-9113"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9113",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-57586",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "50559",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9113",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"id": "VAR-202010-1177",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
}
]
},
"last_update_date": "2023-12-18T12:55:51.672000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20201014-01-bluetooth",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en"
},
{
"title": "Patch for HUAWEI Mate 20 buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/236905"
},
{
"title": "Huawei Mate 20 Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131282"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9113"
},
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/50559"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189827"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"date": "2020-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"date": "2021-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"date": "2020-10-19T20:15:13.260000",
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"date": "2020-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-57586"
},
{
"date": "2020-10-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9113"
},
{
"date": "2021-05-10T07:32:00",
"db": "JVNDB",
"id": "JVNDB-2020-012481"
},
{
"date": "2020-10-22T14:02:01.673000",
"db": "NVD",
"id": "CVE-2020-9113"
},
{
"date": "2020-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI\u00a0Mate\u00a020\u00a0 Buffer Overflow Vulnerability in Linux",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012481"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-640"
}
],
"trust": 0.6
}
}
var-202003-1094
Vulnerability from variot
There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.203\\(c00e202r7p2\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e74r3p8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.188(c00e74r3p8)"
},
{
"model": "mate 30 pro",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "10.0.0.203(c00e202r7p2)"
},
{
"model": "mate \u003c10.0.0.188",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.0.0.203",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1795"
}
]
},
"cve": "CVE-2020-1795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003141",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-21999",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003141",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1795",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "JVNDB-2020-003141",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2020-21999",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1144",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "CNVD",
"id": "CNVD-2020-21999"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1795",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-21999",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"id": "VAR-202003-1094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
}
],
"trust": 1.23380308
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
}
]
},
"last_update_date": "2023-12-18T14:00:37.152000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200318-04-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
},
{
"title": "Patch for Huawei Mate 20 and Mate 30 Pro logic error vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/213047"
},
{
"title": "Huawei Mate 20 and Mate 30 Pro Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112622"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1795"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1795"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-04-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"date": "2020-03-20T15:15:14.027000",
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21999"
},
{
"date": "2020-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003141"
},
{
"date": "2020-03-24T20:06:38.577000",
"db": "NVD",
"id": "CVE-2020-1795"
},
{
"date": "2020-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 and Mate 30 Pro Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003141"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1144"
}
],
"trust": 0.6
}
}
var-202008-1048
Vulnerability from variot
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China's Huawei (Huawei) company.
There are security vulnerabilities in many Huawei products, which are caused by the program's failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-1048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate pro \u003c10.1.0.270",
"scope": "eq",
"trust": 1.2,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.270\\(c431e7r1p5\\)"
},
{
"model": "p30",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p11\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c00e62r8p12\\)"
},
{
"model": "mate 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r3p8\\)"
},
{
"model": "mate 20 rs",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c786e160r3p8\\)"
},
{
"model": "mate 20 x",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.175\\(c00e58r4p11\\)"
},
{
"model": "p30 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.160\\(c00e160r2p8\\)"
},
{
"model": "honor v20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.188\\(c00e62r2p11\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.273\\(c636e7r2p4\\)"
},
{
"model": "mate 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.1.0.270\\(c635e3r1p5\\)"
},
{
"model": "honor magic 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.187\\(c00e61r2p11\\)"
},
{
"model": "honor 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor magic 2",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor v20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 rs",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate 20 x",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003c10.1.0.160",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate pro \u003c10.1.0.273",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "mate \u003c10.1.0.160",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20x"
},
{
"model": "p30 \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p30 pro \u003c10.1.0.160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate rs \u003c10.1.0.160",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honormagic \u003c10.0.0.187",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "honor \u003c10.0.0.175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor pro \u003c10.0.0.194",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honorv20 \u003c10.0.0.188",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.270\\(c431e7r1p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.175\\(c00e58r4p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.194\\(c00e62r8p12\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.188\\(c00e62r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9244"
}
]
},
"cve": "CVE-2020-9244",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-9244",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-46459",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-9244",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9244",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-46459",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-580",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere are security vulnerabilities in many Huawei products, which are caused by the program\u0027s failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "CNVD",
"id": "CNVD-2020-46459"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9244",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-46459",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"id": "VAR-202008-1048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
}
],
"trust": 1.2968488045454545
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
}
]
},
"last_update_date": "2023-12-18T14:00:27.232000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200805-02-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
},
{
"title": "Patch for Incorrect authentication vulnerabilities in multiple Huawei products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/230800"
},
{
"title": "Multiple Huawei Product Authorization Issue Vulnerability Fixing Measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126447"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9244"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200805-02-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"date": "2020-10-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"date": "2020-08-11T19:15:17.687000",
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"date": "2020-08-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-46459"
},
{
"date": "2020-10-26T08:31:00",
"db": "JVNDB",
"id": "JVNDB-2020-009253"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-9244"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Authentication vulnerabilities in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009253"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-580"
}
],
"trust": 0.6
}
}
cve-2019-5220
Vulnerability from cvelistv5
Published
2019-07-10 17:38
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1)"
}
]
},
{
"product": "Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1)"
}
]
},
{
"product": "Honor Magic 2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "FRP Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-10T17:38:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1)"
}
]
}
},
{
"product_name": "Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1)"
}
]
}
},
{
"product_name": "Honor Magic 2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "FRP Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5220",
"datePublished": "2019-07-10T17:38:15",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}