CVE-2023-52106

Опубликовано: 16 янв. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 9.1

EPSS Низкий

Описание

Vulnerability of permission verification for APIs in the DownloadProviderMain module. Impact: Successful exploitation of this vulnerability will affect integrity and availability.

Ссылки

https://consumer.huawei.com/en/support/bulletin/2024/1/
Not Applicable
https://consumer.huawei.com/en/support/bulletin/2024/9/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977
Vendor Advisory
https://consumer.huawei.com/en/support/bulletin/2024/1/
Not Applicable
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

4.4 Medium

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-264

NVD-CWE-noinfo

Связанные уязвимости

GHSA-77jm-r76q-g5ph

CVSS3: 9.1

github

около 2 лет назад

The DownloadProviderMain module has a vulnerability in API permission verification. Successful exploitation of this vulnerability may affect integrity and availability.

EPSS

Процентиль: 18%

0.00058

Низкий

4.4 Medium

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-264

NVD-CWE-noinfo