7.8

CVE-2018-11888

EPSS 0.03%
Veröffentlicht 11.02.2019 15:29:00
Zuletzt bearbeitet 21.11.2024 03:44:12
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439, Snapdragon_High_Med_2016.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Mdm9655 Firmware Version-

Qualcomm ≫ Mdm9655 Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Sd 210 Firmware Version-

Qualcomm ≫ Sd 210 Version-

Qualcomm ≫ Sd 212 Firmware Version-

Qualcomm ≫ Sd 212 Version-

Qualcomm ≫ Sd 205 Firmware Version-

Qualcomm ≫ Sd 205 Version-

Qualcomm ≫ Sd 410 Firmware Version-

Qualcomm ≫ Sd 410 Version-

Qualcomm ≫ Sd 412 Firmware Version-

Qualcomm ≫ Sd 412 Version-

Qualcomm ≫ Sd 425 Firmware Version-

Qualcomm ≫ Sd 425 Version-

Qualcomm ≫ Sd 427 Firmware Version-

Qualcomm ≫ Sd 427 Version-

Qualcomm ≫ Sd 430 Firmware Version-

Qualcomm ≫ Sd 430 Version-

Qualcomm ≫ Sd 435 Firmware Version-

Qualcomm ≫ Sd 435 Version-

Qualcomm ≫ Sd 439 Firmware Version-

Qualcomm ≫ Sd 439 Version-

Qualcomm ≫ Sd 429 Firmware Version-

Qualcomm ≫ Sd 429 Version-

Qualcomm ≫ Sd 450 Firmware Version-

Qualcomm ≫ Sd 450 Version-

Qualcomm ≫ Sd 615 Firmware Version-

Qualcomm ≫ Sd 615 Version-

Qualcomm ≫ Sd 616 Firmware Version-

Qualcomm ≫ Sd 616 Version-

Qualcomm ≫ Sd 415 Firmware Version-

Qualcomm ≫ Sd 415 Version-

Qualcomm ≫ Sd 625 Firmware Version-

Qualcomm ≫ Sd 625 Version-

Qualcomm ≫ Sd 632 Firmware Version-

Qualcomm ≫ Sd 632 Version-

Qualcomm ≫ Sd 650 Firmware Version-

Qualcomm ≫ Sd 650 Version-

Qualcomm ≫ Sd 652 Firmware Version-

Qualcomm ≫ Sd 652 Version-

Qualcomm ≫ Sd 820 Firmware Version-

Qualcomm ≫ Sd 820 Version-

Qualcomm ≫ Sd 820a Firmware Version-

Qualcomm ≫ Sd 820a Version-

Qualcomm ≫ Sd 835 Firmware Version-

Qualcomm ≫ Sd 835 Version-

Qualcomm ≫ Sd 8cx Firmware Version-

Qualcomm ≫ Sd 8cx Version-

Qualcomm ≫ Sdm439 Firmware Version-

Qualcomm ≫ Sdm439 Version-

Qualcomm ≫ Snapdragon High Med 2016 Firmware Version-

Qualcomm ≫ Snapdragon High Med 2016 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.039

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

http://www.securityfocus.com/bid/106475

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-11888

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11888

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11888

EUVD