Vulnerabilites related to huawei - kobe-l09ahn_firmware
Vulnerability from fkie_nvd
Published
2018-09-26 13:29
Modified
2024-11-21 04:12
Severity ?
Summary
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c100b257custc100d001:*:*:*:*:*:*:*", "matchCriteriaId": "5F827EDE-1276-46C4-B802-E0F6182636B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c170b253custc170d001:*:*:*:*:*:*:*", "matchCriteriaId": "D0C51EE3-995E-4652-BF65-BD274B7C7848", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c199b251custc199d001:*:*:*:*:*:*:*", "matchCriteriaId": "64663B9D-2047-46FE-B7BE-A10BD60D4DE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c229b003custc229d001:*:*:*:*:*:*:*", "matchCriteriaId": "A6BAFF17-A6D9-48D7-BA9E-5896FA281A66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:agassi-l09:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3833712-95E8-4CC9-B55E-2F029E54C667", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c100b257custc100d001:*:*:*:*:*:*:*", "matchCriteriaId": "D7349EFB-FE37-4584-BCA0-950C64F0BD4D", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c128b252custc128d001:*:*:*:*:*:*:*", "matchCriteriaId": "FDF5BA80-7832-40AD-A97E-E11A3F60E02F", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c170b252custc170d001:*:*:*:*:*:*:*", "matchCriteriaId": "123D3E09-7528-4572-9A6B-6052829E66DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c229b251custc229d001:*:*:*:*:*:*:*", "matchCriteriaId": "7DB4C327-1C75-4222-A112-3F4B3A2E35C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c331b003custc331d001:*:*:*:*:*:*:*", "matchCriteriaId": "95C1874D-290E-46EE-AB85-49BFB2C7A7AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c794b001custc794d001:*:*:*:*:*:*:*", "matchCriteriaId": "BB392D3A-DAA3-410C-AC55-93494C2BCF51", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:agassi-w09:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0D90B4A-C25C-4DE3-9014-582F635E936F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c100b160custc100d001:*:*:*:*:*:*:*", "matchCriteriaId": "E253E252-267B-4765-BFB7-37B2691878B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c170b160custc170d001:*:*:*:*:*:*:*", "matchCriteriaId": "D94BECC2-AB1C-450F-8BC1-EB6B2BE7B61D", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c199b162custc199d001:*:*:*:*:*:*:*", "matchCriteriaId": "C77A32FD-9B24-493D-96CA-DCBE379ACC8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c209b160custc209d001:*:*:*:*:*:*:*", "matchCriteriaId": "5322B262-F0E9-4C81-B4DF-B960A7BABE6A", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c333b160custc333d001:*:*:*:*:*:*:*", "matchCriteriaId": "891DF843-1CAF-4CBC-9A11-7741BFB42943", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:baggio2-u01a:-:*:*:*:*:*:*:*", "matchCriteriaId": "B44EB2A1-70E1-4056-AE68-88ED157416FE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:bond-al00c_firmware:bond-al00cc00b201:*:*:*:*:*:*:*", "matchCriteriaId": "19E20C9A-EAAD-45E8-A477-38EDE08040E1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:bond-al00c:-:*:*:*:*:*:*:*", "matchCriteriaId": "276913D1-0C7C-41D1-8CD8-F23386B6441B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:bond-al10b_firmware:bond-al10bc00b201:*:*:*:*:*:*:*", "matchCriteriaId": "BA7D3DEB-35D9-4FD6-A0D3-0B8740E3C03E", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:bond-al10b:-:*:*:*:*:*:*:*", "matchCriteriaId": "C81E62E7-5286-4932-9498-FAF5E01D9C16", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:bond-tl10b_firmware:bond-tl10bc01b201:*:*:*:*:*:*:*", "matchCriteriaId": "9DD3CE44-E738-403E-95EF-0B4C85E1D453", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:bond-tl10b:-:*:*:*:*:*:*:*", "matchCriteriaId": "58F076DF-3AD0-45FB-A98D-FCC5CCFD0464", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:bond-tl10c_firmware:bond-tl10cc01b131:*:*:*:*:*:*:*", "matchCriteriaId": "F1F95540-3D6C-40E1-B8EC-1959DB5B25D3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:bond-tl10c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F07A146F-0FB6-4F24-9A62-81418471C437", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:haydn-l1jb_firmware:hdn-l1jc137b068:*:*:*:*:*:*:*", "matchCriteriaId": "0560310F-ACD9-425D-A69B-A421BEF93422", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:haydn-l1jb:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FBEFB8E-593E-4FF2-B7B3-A35AEA88FBBF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c100b252custc100d001:*:*:*:*:*:*:*", "matchCriteriaId": "4303A983-8A41-4534-B635-752A842C9818", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c209b002custc209d001:*:*:*:*:*:*:*", "matchCriteriaId": "7B439486-8545-4EAC-AC83-1AA21C6BD2D2", "vulnerable": true }, { "criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c362b001custc362d001:*:*:*:*:*:*:*", "matchCriteriaId": "866E2099-F472-4757-A662-ED42891BA46F", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:kobe-l09a:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A1B9004-674D-474C-B549-8F676E55C062", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b226:*:*:*:*:*:*:*", "matchCriteriaId": "35CF61AD-3D04-42D4-8981-31A1201D4DB6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*", "matchCriteriaId": "58C4B423-90C0-4A6E-A246-1A8BB7282AC8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:kobe-w09c_firmware:kob-w09c128b251custc128d001:*:*:*:*:*:*:*", "matchCriteriaId": "BAEEA7E6-354F-42FF-B2FA-778369FB758A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:kobe-w09c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D61E75D7-6AAB-4DFF-B5FE-5813511A6025", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:lelandp-l22c_firmware:8.0.0.101_c675custc675d2:*:*:*:*:*:*:*", "matchCriteriaId": "6CA04479-3205-4B8C-A718-310FEC6BB0C4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*", "matchCriteriaId": "80D7FA39-2EE4-49F8-9EF4-009304DB6108", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:lelandp-l22d_firmware:8.0.0.101_c675custc675d2:*:*:*:*:*:*:*", "matchCriteriaId": "DF94D1CF-8781-4B2B-9D7F-8AF4ECFFB4AC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A956F54-5B4B-4103-BA45-88F8FF7D9FD7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:rhone-al00_firmware:rhone-al00c00b186:*:*:*:*:*:*:*", "matchCriteriaId": "9A9B77C6-81F3-4F03-B2DA-ADA61E76E239", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:rhone-al00:-:*:*:*:*:*:*:*", "matchCriteriaId": "4584E368-FDA6-41FD-923F-74A30E404967", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:selina-l02_firmware:selina-l02c432b153:*:*:*:*:*:*:*", "matchCriteriaId": "C5033AC6-6E65-4D44-ACB3-5FA17CDFC5C6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:selina-l02:-:*:*:*:*:*:*:*", "matchCriteriaId": "DED60F5C-D4BF-4BE4-87F2-44B0F3490DE0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:stanford-l09s_firmware:stanford-l09sc432b183:*:*:*:*:*:*:*", "matchCriteriaId": "D520B64B-B051-45FE-BE6F-EBEBE9FE0777", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:stanford-l09s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5091556-29A3-4781-A6CA-FB0BD03DEB01", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:toronto-al00_firmware:toronto-al00c00b223:*:*:*:*:*:*:*", "matchCriteriaId": "2FB76207-04DB-44A2-B06B-505E910D1440", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:toronto-al00:-:*:*:*:*:*:*:*", "matchCriteriaId": "876D76BE-3687-4049-B3C9-7E1469E18CC0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:toronto-al00a_firmware:toronto-al00ac00b223:*:*:*:*:*:*:*", "matchCriteriaId": "77565C14-795B-420E-B08C-FC6BDC3626E4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:toronto-al00a:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A83D96D-0B5A-42F0-B967-BC27C5B14573", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:toronto-tl10_firmware:toronto-tl10c01b223:*:*:*:*:*:*:*", "matchCriteriaId": "E71D795C-A2FA-4416-BEE8-3C4EA801E186", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:toronto-tl10:-:*:*:*:*:*:*:*", "matchCriteriaId": "7401A6EC-6133-442D-A638-FF03132D0EF5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak." }, { "lang": "es", "value": "Algunos productos Huawei Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223 y Toronto-TL10 Toronto-TL10C01B223 tienen una vulnerabilidad de filtrado de informaci\u00f3n sensible. Un atacante puede enga\u00f1ar a un usuario para que instale una aplicaci\u00f3n maliciosa para explotar esta vulnerabilidad. Debido a la verificaci\u00f3n insuficiente de las entradas, su explotaci\u00f3n exitosa puede provocar un filtrado de informaci\u00f3n sensible." } ], "id": "CVE-2018-7907", "lastModified": "2024-11-21T04:12:57.170", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-26T13:29:00.527", "references": [ { "source": "psirt@huawei.com", "tags": [ "Vendor Advisory" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en" } ], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-11-22 19:29
Modified
2024-11-21 03:33
Severity ?
Summary
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | agassi-l09hn_firmware | ags-l09c233b019 | |
huawei | agassi-l09hn | - | |
huawei | agassi-w09hn_firmware | ags-w09c233b019 | |
huawei | agassi-w09hn | - | |
huawei | kobe-l09ahn_firmware | kob-l09c233b017 | |
huawei | kobe-l09ahn | - | |
huawei | kobe-w09chn_firmware | kob-w09c233b012 | |
huawei | kobe-w09chn | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*", "matchCriteriaId": "9C80E3F6-CAAB-4E42-A263-C3B133040FE9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:agassi-l09hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "3498A696-E831-453C-ABCE-77A9908E96F6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*", "matchCriteriaId": "AE8DE54A-E45A-4676-BD89-28C36DA471C3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:agassi-w09hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF342830-41FF-4E16-9090-2AB68DD822A2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*", "matchCriteriaId": "24DE753F-E19D-4F36-93E6-DFBD5BC9EF31", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*", "matchCriteriaId": "58C4B423-90C0-4A6E-A246-1A8BB7282AC8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*", "matchCriteriaId": "643CA10D-515D-4D24-A1A5-D31DEA91D05C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:huawei:kobe-w09chn:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9CAF9F7-A010-4349-BC8B-B3D6D37C3460", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution." }, { "lang": "es", "value": "Algunos smartphones Huawei con software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017 o KOB-W09C233B012 tienen una vulnerabilidad de confusi\u00f3n de tipos. El programa inicializa una variable utilizando un tipo, pero luego accede a esa variable utilizando un tipo diferente del original cuando realiza determinadas operaciones de registro. Un exploit exitoso podr\u00eda resultar en un desbordamiento de b\u00fafer que podr\u00eda causar la ejecuci\u00f3n de c\u00f3digo malicioso." } ], "id": "CVE-2017-8159", "lastModified": "2024-11-21T03:33:26.313", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-22T19:29:03.677", "references": [ { "source": "psirt@huawei.com", "tags": [ "Vendor Advisory" ], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en" } ], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-704" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2017-8159
Vulnerability from cvelistv5
Published
2017-11-22 19:00
Modified
2024-09-16 19:40
Severity ?
EPSS score ?
Summary
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei Technologies Co., Ltd. | Agassi-L09HN,Agassi-W09HN,Kobe-L09AHN,Kobe-W09CHN, |
Version: AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:27:22.873Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Agassi-L09HN,Agassi-W09HN,Kobe-L09AHN,Kobe-W09CHN,", "vendor": "Huawei Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012" } ] } ], "datePublic": "2017-11-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-22T18:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-8159", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Agassi-L09HN,Agassi-W09HN,Kobe-L09AHN,Kobe-W09CHN,", "version": { "version_data": [ { "version_value": "AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012" } ] } } ] }, "vendor_name": "Huawei Technologies Co., Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-8159", "datePublished": "2017-11-22T19:00:00Z", "dateReserved": "2017-04-25T00:00:00", "dateUpdated": "2024-09-16T19:40:02.593Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-7907
Vulnerability from cvelistv5
Published
2018-09-26 13:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei Technologies Co., Ltd. | Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10 |
Version: Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00 ...[truncated*] |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:37:59.653Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10", "vendor": "Huawei Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00 ...[truncated*]" } ] } ], "datePublic": "2018-09-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak." } ], "problemTypes": [ { "descriptions": [ { "description": "sensitive information leak", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-09-26T12:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en" } ], "x_ConverterErrors": { "version_name": { "error": "version_name too long. Use array of versions to record more than one version.", "message": "Truncated!" } }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2018-7907", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10", "version": { "version_data": [ { "version_value": "Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00B223,Toronto-TL10 Toronto-TL10C01B223" } ] } } ] }, "vendor_name": "Huawei Technologies Co., Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "sensitive information leak" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2018-7907", "datePublished": "2018-09-26T13:00:00", "dateReserved": "2018-03-09T00:00:00", "dateUpdated": "2024-08-05T06:37:59.653Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }