exploitDog

CVE-2020-9064

Опубликовано: 12 мар. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:honor_v30_firmware:*:*:*:*:*:*:*:*

Версия до oxfords-an00a_10.0.1.167\(c00e166r4p1\) (включая)

cpe:2.3:h:huawei:honor_v30:-:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-xcxj-m6qv-mx7j

github

больше 3 лет назад

Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak.

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-287