CVE-2019-5244

Опубликовано: 04 июн. 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-informationleak-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-informationleak-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:mate_9_pro_fimware:*:*:*:*:*:*:*:*

Версия до lon-l29c_8.0.0.361\(c636\) (исключая)

cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00106

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-h243-hj7h-322p