var-201911-0267
Vulnerability from variot
Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. The vulnerability stems from a reasonable record of module functionality. Error message
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0267", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "y6", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.205\\(c00e97r2p2\\)" }, { "model": "honor 10 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.217\\(c00e215r3p1\\)" }, { "model": "honor 8a", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.205\\(c00e97r1p9\\)" }, { "model": "honor 10 lite", "scope": "lt", "trust": 0.8, "vendor": "huawei", "version": "9.1.0.217(c00e215r3p1)" }, { "model": "honor 8a", "scope": "lt", "trust": 0.8, "vendor": "huawei", "version": "9.1.0.205(c00e97r1p9)" }, { "model": "y6", "scope": "lt", "trust": 0.8, "vendor": "huawei", "version": "9.1.0.205(c00e97r2p2)" }, { "model": "honor lite \u003c9.1.0.217", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "honor 8a \u003c9.1.0.205", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "y6 \u003c9.1.0.205", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.217\\(c00e215r3p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_8a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.205\\(c00e97r1p9\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:huawei_y6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.205\\(c00e97r2p2\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:huawei_y6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-5292" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vulnerability was discovered by Huawei internal testing.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201910-1807" } ], "trust": 0.6 }, "cve": "CVE-2019-5292", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 2.1, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-5292", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2019-41249", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 1.8, "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 3.3, "baseSeverity": "Low", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2019-5292", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-5292", "trust": 1.8, "value": "LOW" }, { "author": "CNVD", "id": "CNVD-2019-41249", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201910-1807", "trust": 0.6, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" }, { "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. The vulnerability stems from a reasonable record of module functionality. Error message", "sources": [ { "db": "NVD", "id": "CVE-2019-5292" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "CNVD", "id": "CNVD-2019-41249" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-5292", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2019-011939", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2019-41249", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201910-1807", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" }, { "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "id": "VAR-201911-0267", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" } ], "trust": 1.18617425 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" } ] }, "last_update_date": "2023-12-18T13:33:19.474000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20191030-01-phone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en" }, { "title": "Patch for Huawei Honor 10 Lite, Honor 8A, and Huawei Y6 Information Disclosure Vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/190787" }, { "title": "Huawei Honor 10 Lite , Honor 8A and Huawei Y6 Repair measures for information disclosure vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=101065" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5292" }, { "trust": 1.2, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191030-01-phone-cn" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5292" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" }, { "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2019-41249" }, { "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "db": "NVD", "id": "CVE-2019-5292" }, { "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-11-19T00:00:00", "db": "CNVD", "id": "CNVD-2019-41249" }, { "date": "2019-11-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "date": "2019-11-13T16:15:11.657000", "db": "NVD", "id": "CVE-2019-5292" }, { "date": "2019-10-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-11-19T00:00:00", "db": "CNVD", "id": "CNVD-2019-41249" }, { "date": "2019-11-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-011939" }, { "date": "2020-08-24T17:37:01.140000", "db": "NVD", "id": "CVE-2019-5292" }, { "date": "2020-08-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201910-1807" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201910-1807" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Huawei Information disclosure vulnerability in mobile phones", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-011939" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201910-1807" } ], "trust": 0.6 } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.