| ID |
CVE-2017-18129
|
| Summary |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
-
cpe:2.3:o:qualcomm:msm8996_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8996_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*
-
cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*
-
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 03-10-2019 - 00:03) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-668 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
|
| Last major update |
03-10-2019 - 00:03 |
| Published |
11-04-2018 - 15:29 |
| Last modified |
03-10-2019 - 00:03 |
