5.5
CVE-2017-17201
- EPSS 0.08%
- Veröffentlicht 15.02.2018 16:29:02
- Zuletzt bearbeitet 21.11.2024 03:17:40
- Quelle psirt@huawei.com
- Teams Watchlist Login
- Unerledigt Login
Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS vulnerability. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ Btv-emui5.0 Firmware Versionbtv-dl09c233b350
Huawei ≫ Berlin-emui5.0 Firmware Versionberlin-l21hnc432b360
Huawei ≫ Berlin-emui5.0 Firmware Versionberlin-l22hnc636b360
Huawei ≫ Berlin-emui5.0 Firmware Versionberlin-l24hnc567b360
Huawei ≫ Berlin-l21 Firmware Versionberlin-l21c10b130
Huawei ≫ Berlin-l21 Firmware Versionberlin-l21c185b132
Huawei ≫ Berlin-l21 Firmware Versionberlin-l21c464b130
Huawei ≫ Berlin-l22 Firmware Versionberlin-l22c346b140
Huawei ≫ Berlin-l22 Firmware Versionberlin-l22c636b160
Huawei ≫ Berlin-l23 Firmware Versionberlin-l23c605b131
Huawei ≫ Berlin-l23 Firmware Versionberlin-l23domc109b160
Huawei ≫ Mha-al00a Firmware Versionmha-al00ac00b125
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.2 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.