CVE-2018-7907

EPSS 0.11%
Published 26.09.2018 13:29:00
Last modified 21.11.2024 04:12:57
Source psirt@huawei.com
Teams watchlist Login
Open Login

Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Agassi-l09 Firmware Versionags-l09c100b257custc100d001

Huawei ≫ Agassi-l09 Version-

Huawei ≫ Agassi-l09 Firmware Versionags-l09c170b253custc170d001

Huawei ≫ Agassi-l09 Version-

Huawei ≫ Agassi-l09 Firmware Versionags-l09c199b251custc199d001

Huawei ≫ Agassi-l09 Version-

Huawei ≫ Agassi-l09 Firmware Versionags-l09c229b003custc229d001

Huawei ≫ Agassi-l09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c100b257custc100d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c128b252custc128d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c170b252custc170d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c229b251custc229d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c331b003custc331d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Agassi-w09 Firmware Versionags-w09c794b001custc794d001

Huawei ≫ Agassi-w09 Version-

Huawei ≫ Baggio2-u01a Firmware Versionbg2-u01c100b160custc100d001

Huawei ≫ Baggio2-u01a Version-

Huawei ≫ Baggio2-u01a Firmware Versionbg2-u01c170b160custc170d001

Huawei ≫ Baggio2-u01a Version-

Huawei ≫ Baggio2-u01a Firmware Versionbg2-u01c199b162custc199d001

Huawei ≫ Baggio2-u01a Version-

Huawei ≫ Baggio2-u01a Firmware Versionbg2-u01c209b160custc209d001

Huawei ≫ Baggio2-u01a Version-

Huawei ≫ Baggio2-u01a Firmware Versionbg2-u01c333b160custc333d001

Huawei ≫ Baggio2-u01a Version-

Huawei ≫ Bond-al00c Firmware Versionbond-al00cc00b201

Huawei ≫ Bond-al00c Version-

Huawei ≫ Bond-al10b Firmware Versionbond-al10bc00b201

Huawei ≫ Bond-al10b Version-

Huawei ≫ Bond-tl10b Firmware Versionbond-tl10bc01b201

Huawei ≫ Bond-tl10b Version-

Huawei ≫ Bond-tl10c Firmware Versionbond-tl10cc01b131

Huawei ≫ Bond-tl10c Version-

Huawei ≫ Haydn-l1jb Firmware Versionhdn-l1jc137b068

Huawei ≫ Haydn-l1jb Version-

Huawei ≫ Kobe-l09a Firmware Versionkob-l09c100b252custc100d001

Huawei ≫ Kobe-l09a Version-

Huawei ≫ Kobe-l09a Firmware Versionkob-l09c209b002custc209d001

Huawei ≫ Kobe-l09a Version-

Huawei ≫ Kobe-l09a Firmware Versionkob-l09c362b001custc362d001

Huawei ≫ Kobe-l09a Version-

Huawei ≫ Kobe-l09ahn Firmware Versionkob-l09c233b226

Huawei ≫ Kobe-l09ahn Version-

Huawei ≫ Kobe-w09c Firmware Versionkob-w09c128b251custc128d001

Huawei ≫ Kobe-w09c Version-

Huawei ≫ Lelandp-l22c Firmware Version8.0.0.101_c675custc675d2

Huawei ≫ Lelandp-l22c Version-

Huawei ≫ Lelandp-l22d Firmware Version8.0.0.101_c675custc675d2

Huawei ≫ Lelandp-l22d Version-

Huawei ≫ Rhone-al00 Firmware Versionrhone-al00c00b186

Huawei ≫ Rhone-al00 Version-

Huawei ≫ Selina-l02 Firmware Versionselina-l02c432b153

Huawei ≫ Selina-l02 Version-

Huawei ≫ Stanford-l09s Firmware Versionstanford-l09sc432b183

Huawei ≫ Stanford-l09s Version-

Huawei ≫ Toronto-al00 Firmware Versiontoronto-al00c00b223

Huawei ≫ Toronto-al00 Version-

Huawei ≫ Toronto-al00a Firmware Versiontoronto-al00ac00b223

Huawei ≫ Toronto-al00a Version-

Huawei ≫ Toronto-tl10 Firmware Versiontoronto-tl10c01b223

Huawei ≫ Toronto-tl10 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.256

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-7907

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-7907

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-7907

EUVD