CVE-2020-9202

EPSS 0.03%
Veröffentlicht 24.12.2020 16:15:16
Zuletzt bearbeitet 21.11.2024 05:40:09
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could cause information disclosure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Te Mobile Versionv600r006c10

Huawei ≫ Te Mobile Versionv600r006c10spc100

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.054

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-922 Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201209-01-informationleak-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-9202

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-9202

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-9202

EUVD