Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-5213

Опубликовано: 12 нояб. 2019
Источник: nvd
CVSS3: 2.4
CVSS2: 1.9
EPSS Низкий

Описание

Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:honor_play_firmware:*:*:*:*:*:*:*:*
Версия до cornell-al00a_9.1.0.321\(c00e320r1p1t8\) (исключая)
cpe:2.3:h:huawei:honor_play:-:*:*:*:*:*:*:*

EPSS

Процентиль: 16%
0.00051
Низкий

2.4 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-r76g-8cjw-fqwr

github
больше 3 лет назад

Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock.

EPSS

Процентиль: 16%
0.00051
Низкий

2.4 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-287