CVE-2020-1813

Опубликовано: 15 июн. 2020

Источник: nvd

CVSS3: 6.8

CVSS2: 4.6

EPSS Низкий

Описание

HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*

Версия до 10.1.0.135\(c00e135r2p11\) (исключая)

cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00024

Низкий

6.8 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-mqqw-5995-r7pj

github

больше 3 лет назад