CVE-2017-17280

Опубликовано: 09 мар. 2018

Источник: nvd

CVSS3: 3.5

CVSS2: 2.9

EPSS Низкий

Описание

NFC (Near Field Communication) module in Huawei mobile phones with software LON-AL00BC00 has an information leak vulnerability. The attacker has to trick a user to do some specific operations and then craft the NFC message to exploit this vulnerability. Successful exploit will cause some information leak.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180307-01-phone-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180307-01-phone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:lon-al00b_firmware:lon-al00bc00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:lon-al00b:-:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00037

Низкий

3.5 Low

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-hpx3-j9vj-28q2