Vulnerabilites related to huawei - kobe-l09a
Vulnerability from fkie_nvd
Published
2018-09-26 13:29
Modified
2024-11-21 04:12
Severity ?
Summary
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c100b257custc100d001:*:*:*:*:*:*:*",
"matchCriteriaId": "5F827EDE-1276-46C4-B802-E0F6182636B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c170b253custc170d001:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C51EE3-995E-4652-BF65-BD274B7C7848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c199b251custc199d001:*:*:*:*:*:*:*",
"matchCriteriaId": "64663B9D-2047-46FE-B7BE-A10BD60D4DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-l09_firmware:ags-l09c229b003custc229d001:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BAFF17-A6D9-48D7-BA9E-5896FA281A66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:agassi-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3833712-95E8-4CC9-B55E-2F029E54C667",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c100b257custc100d001:*:*:*:*:*:*:*",
"matchCriteriaId": "D7349EFB-FE37-4584-BCA0-950C64F0BD4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c128b252custc128d001:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF5BA80-7832-40AD-A97E-E11A3F60E02F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c170b252custc170d001:*:*:*:*:*:*:*",
"matchCriteriaId": "123D3E09-7528-4572-9A6B-6052829E66DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c229b251custc229d001:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4C327-1C75-4222-A112-3F4B3A2E35C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c331b003custc331d001:*:*:*:*:*:*:*",
"matchCriteriaId": "95C1874D-290E-46EE-AB85-49BFB2C7A7AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agassi-w09_firmware:ags-w09c794b001custc794d001:*:*:*:*:*:*:*",
"matchCriteriaId": "BB392D3A-DAA3-410C-AC55-93494C2BCF51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:agassi-w09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D90B4A-C25C-4DE3-9014-582F635E936F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c100b160custc100d001:*:*:*:*:*:*:*",
"matchCriteriaId": "E253E252-267B-4765-BFB7-37B2691878B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c170b160custc170d001:*:*:*:*:*:*:*",
"matchCriteriaId": "D94BECC2-AB1C-450F-8BC1-EB6B2BE7B61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c199b162custc199d001:*:*:*:*:*:*:*",
"matchCriteriaId": "C77A32FD-9B24-493D-96CA-DCBE379ACC8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c209b160custc209d001:*:*:*:*:*:*:*",
"matchCriteriaId": "5322B262-F0E9-4C81-B4DF-B960A7BABE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:baggio2-u01a_firmware:bg2-u01c333b160custc333d001:*:*:*:*:*:*:*",
"matchCriteriaId": "891DF843-1CAF-4CBC-9A11-7741BFB42943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:baggio2-u01a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B44EB2A1-70E1-4056-AE68-88ED157416FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bond-al00c_firmware:bond-al00cc00b201:*:*:*:*:*:*:*",
"matchCriteriaId": "19E20C9A-EAAD-45E8-A477-38EDE08040E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bond-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276913D1-0C7C-41D1-8CD8-F23386B6441B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bond-al10b_firmware:bond-al10bc00b201:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7D3DEB-35D9-4FD6-A0D3-0B8740E3C03E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bond-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81E62E7-5286-4932-9498-FAF5E01D9C16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bond-tl10b_firmware:bond-tl10bc01b201:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD3CE44-E738-403E-95EF-0B4C85E1D453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bond-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F076DF-3AD0-45FB-A98D-FCC5CCFD0464",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bond-tl10c_firmware:bond-tl10cc01b131:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F95540-3D6C-40E1-B8EC-1959DB5B25D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bond-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07A146F-0FB6-4F24-9A62-81418471C437",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:haydn-l1jb_firmware:hdn-l1jc137b068:*:*:*:*:*:*:*",
"matchCriteriaId": "0560310F-ACD9-425D-A69B-A421BEF93422",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:haydn-l1jb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FBEFB8E-593E-4FF2-B7B3-A35AEA88FBBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c100b252custc100d001:*:*:*:*:*:*:*",
"matchCriteriaId": "4303A983-8A41-4534-B635-752A842C9818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c209b002custc209d001:*:*:*:*:*:*:*",
"matchCriteriaId": "7B439486-8545-4EAC-AC83-1AA21C6BD2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:kobe-l09a_firmware:kob-l09c362b001custc362d001:*:*:*:*:*:*:*",
"matchCriteriaId": "866E2099-F472-4757-A662-ED42891BA46F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:kobe-l09a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1B9004-674D-474C-B549-8F676E55C062",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b226:*:*:*:*:*:*:*",
"matchCriteriaId": "35CF61AD-3D04-42D4-8981-31A1201D4DB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C4B423-90C0-4A6E-A246-1A8BB7282AC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:kobe-w09c_firmware:kob-w09c128b251custc128d001:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEEA7E6-354F-42FF-B2FA-778369FB758A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:kobe-w09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D61E75D7-6AAB-4DFF-B5FE-5813511A6025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22c_firmware:8.0.0.101_c675custc675d2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA04479-3205-4B8C-A718-310FEC6BB0C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80D7FA39-2EE4-49F8-9EF4-009304DB6108",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22d_firmware:8.0.0.101_c675custc675d2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF94D1CF-8781-4B2B-9D7F-8AF4ECFFB4AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A956F54-5B4B-4103-BA45-88F8FF7D9FD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rhone-al00_firmware:rhone-al00c00b186:*:*:*:*:*:*:*",
"matchCriteriaId": "9A9B77C6-81F3-4F03-B2DA-ADA61E76E239",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rhone-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4584E368-FDA6-41FD-923F-74A30E404967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:selina-l02_firmware:selina-l02c432b153:*:*:*:*:*:*:*",
"matchCriteriaId": "C5033AC6-6E65-4D44-ACB3-5FA17CDFC5C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:selina-l02:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DED60F5C-D4BF-4BE4-87F2-44B0F3490DE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:stanford-l09s_firmware:stanford-l09sc432b183:*:*:*:*:*:*:*",
"matchCriteriaId": "D520B64B-B051-45FE-BE6F-EBEBE9FE0777",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:stanford-l09s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5091556-29A3-4781-A6CA-FB0BD03DEB01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:toronto-al00_firmware:toronto-al00c00b223:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB76207-04DB-44A2-B06B-505E910D1440",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:toronto-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "876D76BE-3687-4049-B3C9-7E1469E18CC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:toronto-al00a_firmware:toronto-al00ac00b223:*:*:*:*:*:*:*",
"matchCriteriaId": "77565C14-795B-420E-B08C-FC6BDC3626E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:toronto-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A83D96D-0B5A-42F0-B967-BC27C5B14573",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:toronto-tl10_firmware:toronto-tl10c01b223:*:*:*:*:*:*:*",
"matchCriteriaId": "E71D795C-A2FA-4416-BEE8-3C4EA801E186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:toronto-tl10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7401A6EC-6133-442D-A638-FF03132D0EF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak."
},
{
"lang": "es",
"value": "Algunos productos Huawei Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223 y Toronto-TL10 Toronto-TL10C01B223 tienen una vulnerabilidad de filtrado de informaci\u00f3n sensible. Un atacante puede enga\u00f1ar a un usuario para que instale una aplicaci\u00f3n maliciosa para explotar esta vulnerabilidad. Debido a la verificaci\u00f3n insuficiente de las entradas, su explotaci\u00f3n exitosa puede provocar un filtrado de informaci\u00f3n sensible."
}
],
"id": "CVE-2018-7907",
"lastModified": "2024-11-21T04:12:57.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-26T13:29:00.527",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201809-1110
Vulnerability from variot
plural Huawei The product contains an information disclosure vulnerability.Information may be obtained. Agassi-L09 and Agassi-W09 are all smart products of Huawei. The attacker exploited this vulnerability by convincing the user to install a malicious application because the input was not fully verified. The successful exploitation of the vulnerability by an attacker can lead to the disclosure of sensitive information. The Huawei Agassi-L09 is a tablet device. The vulnerability is caused by the program's insufficient input validation. The following products and versions are affected: Huawei Agassi-L09 AGS-L09C100B257CUSTC100D001 Version, AGS-L09C170B253CUSTC170D001 Version, AGS-L09C199B251CUSTC199D001 Version, AGS-L09C229B003CUSTC229D001 Version; Agassi-W09 AGS-W09C100B257CUSTC100D001 Version, AGS-W09C128B252CUSTC128D001 Version, AGS-W09C170B252CUSTC170D001 Version, AGS -W09C229B251CUSTC229D001 Version, AGS-W09C331B003CUSTC331D001 Version, AGS-W09C794B001CUSTC794D001 Version; Baggio2-U01A BG2-U01C100B160CUSTC100D001 Version, BG2-U01C170B160CUSTC170D001 Version, BG2-U01C199B162CUSTC199D001 Version, BG2-U01C209B160CUSTC209D001 Version, BG2-U01C333B160CUSTC333D001 Version; Bond-AL00C Bond-AL00CC00B201 Version; Bond-AL10B Bond-AL10BC00B201 version; Bond-TL10B Bond-TL10BC01B201 version; Bond-TL10C Bond-TL10CC01B131 version; Haydn-L1JB HDN-L1JC137B068; Kobe-L09A
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1110",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "agassi-l09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-l09c100b257custc100d001"
},
{
"model": "agassi-l09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-l09c170b253custc170d001"
},
{
"model": "agassi-l09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-l09c199b251custc199d001"
},
{
"model": "agassi-l09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-l09c229b003custc229d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c100b257custc100d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c128b252custc128d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c170b252custc170d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c229b251custc229d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c331b003custc331d001"
},
{
"model": "agassi-w09",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "ags-w09c794b001custc794d001"
},
{
"model": "baggio2-u01a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bg2-u01c100b160custc100d001"
},
{
"model": "baggio2-u01a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bg2-u01c170b160custc170d001"
},
{
"model": "baggio2-u01a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bg2-u01c199b162custc199d001"
},
{
"model": "baggio2-u01a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bg2-u01c209b160custc209d001"
},
{
"model": "baggio2-u01a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bg2-u01c333b160custc333d001"
},
{
"model": "bond-al00c",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bond-al00cc00b201"
},
{
"model": "bond-al10b",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bond-al10bc00b201"
},
{
"model": "bond-tl10b",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bond-tl10bc01b201"
},
{
"model": "bond-tl10c",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "bond-tl10cc01b131"
},
{
"model": "haydn-l1jb",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "hdn-l1jc137b068"
},
{
"model": "kobe-l09a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "kob-l09c100b252custc100d001"
},
{
"model": "kobe-l09a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "kob-l09c209b002custc209d001"
},
{
"model": "kobe-l09a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "kob-l09c362b001custc362d001"
},
{
"model": "kobe-l09ahn",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "kob-l09c233b226"
},
{
"model": "kobe-w09c",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "kob-w09c128b251custc128d001"
},
{
"model": "rhone-al00",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "rhone-al00c00b186"
},
{
"model": "selina-l02",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "selina-l02c432b153"
},
{
"model": "stanford-l09s",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "stanford-l09sc432b183"
},
{
"model": "toronto-al00",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "toronto-al00c00b223"
},
{
"model": "toronto-al00a",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "toronto-al00ac00b223"
},
{
"model": "toronto-tl10",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "toronto-tl10c01b223"
},
{
"model": "lelandp-l22c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.101_c675custc675d2"
},
{
"model": "lelandp-l22d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.101_c675custc675d2"
},
{
"model": "lelandp-l22c",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "8.0.0.101(c675custc675d2)"
},
{
"model": "lelandp-l22d",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "8.0.0.101(c675custc675d2)"
},
{
"model": "agassi-l09 ags-l09c100b257custc100d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-l09 ags-l09c170b253custc170d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-l09 ags-l09c199b251custc199d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-l09 ags-l09c229b003custc229d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c100b257custc100d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c128b252custc128d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c170b252custc170d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c229b251custc229d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c331b003custc331d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "agassi-w09 ags-w09c794b001custc794d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "baggio2-u01a bg2-u01c100b160custc100d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "baggio2-u01a bg2-u01c170b160custc170d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "baggio2-u01a bg2-u01c199b162custc199d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "baggio2-u01a bg2-u01c209b160custc209d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "baggio2-u01a bg2-u01c333b160custc333d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "bond-al00c bond-al00cc00b201",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "bond-al10b bond-al10bc00b201",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "bond-tl10b bond-tl10bc01b201",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "bond-tl10c bond-tl10cc01b131",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "haydn-l1jb hdn-l1jc137b068",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "kobe-l09a kob-l09c100b252custc100d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "kobe-l09a kob-l09c209b002custc209d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "kobe-l09a kob-l09c362b001custc362d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "kobe-l09ahn kob-l09c233b226",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "kobe-w09c kob-w09c128b251custc128d001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-l22c 8.0.0.101",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-l22d 8.0.0.101",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "rhone-al00 rhone-al00c00b186",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "selina-l02 selina-l02c432b153",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "stanford-l09s stanford-l09sc432b183",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "toronto-al00 toronto-al00c00b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "toronto-al00a toronto-al00ac00b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "toronto-tl10 toronto-tl10c01b223",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:agassi-l09_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:agassi-w09_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:baggio2-u01a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:bond-al00c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:bond-al10b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:bond-tl10b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:bond-tl10c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:haydn-l1jb_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:kobe-l09a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:kobe-l09ahn_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:kobe-w09c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:lelandp-l22c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:lelandp-l22d_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:rhone-al00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:selina-l02_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:stanford-l09s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:toronto-al00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:toronto-al00a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:toronto-tl10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
}
]
},
"cve": "CVE-2018-7907",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7907",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-19589",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-137939",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-7907",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7907",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-7907",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-19589",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-938",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-137939",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei The product contains an information disclosure vulnerability.Information may be obtained. Agassi-L09 and Agassi-W09 are all smart products of Huawei. The attacker exploited this vulnerability by convincing the user to install a malicious application because the input was not fully verified. The successful exploitation of the vulnerability by an attacker can lead to the disclosure of sensitive information. The Huawei Agassi-L09 is a tablet device. The vulnerability is caused by the program\u0027s insufficient input validation. The following products and versions are affected: Huawei Agassi-L09 AGS-L09C100B257CUSTC100D001 Version, AGS-L09C170B253CUSTC170D001 Version, AGS-L09C199B251CUSTC199D001 Version, AGS-L09C229B003CUSTC229D001 Version; Agassi-W09 AGS-W09C100B257CUSTC100D001 Version, AGS-W09C128B252CUSTC128D001 Version, AGS-W09C170B252CUSTC170D001 Version, AGS -W09C229B251CUSTC229D001 Version, AGS-W09C331B003CUSTC331D001 Version, AGS-W09C794B001CUSTC794D001 Version; Baggio2-U01A BG2-U01C100B160CUSTC100D001 Version, BG2-U01C170B160CUSTC170D001 Version, BG2-U01C199B162CUSTC199D001 Version, BG2-U01C209B160CUSTC209D001 Version, BG2-U01C333B160CUSTC333D001 Version; Bond-AL00C Bond-AL00CC00B201 Version; Bond-AL10B Bond-AL10BC00B201 version; Bond-TL10B Bond-TL10BC01B201 version; Bond-TL10C Bond-TL10CC01B131 version; Haydn-L1JB HDN-L1JC137B068; Kobe-L09A",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7907",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-19589",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-137939",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"id": "VAR-201809-1110",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
}
],
"trust": 1.562878789090909
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
}
]
},
"last_update_date": "2024-11-23T23:08:34.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180919-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
},
{
"title": "Patches for various Huawei product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/140897"
},
{
"title": "Multiple Huawei Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85056"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180919-02-smartphone-cn"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7907"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7907"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"db": "VULHUB",
"id": "VHN-137939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"date": "2018-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-137939"
},
{
"date": "2018-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"date": "2018-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"date": "2018-09-26T13:29:00.527000",
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19589"
},
{
"date": "2018-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-137939"
},
{
"date": "2018-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010986"
},
{
"date": "2018-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-938"
},
{
"date": "2024-11-21T04:12:57.170000",
"db": "NVD",
"id": "CVE-2018-7907"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Information disclosure vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010986"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-938"
}
],
"trust": 0.6
}
}
CVE-2018-7907 (GCVE-0-2018-7907)
Vulnerability from cvelistv5
Published
2018-09-26 13:00
Modified
2024-08-05 06:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- sensitive information leak
Summary
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10 |
Version: Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00 ...[truncated*] |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00 ...[truncated*]"
}
]
}
],
"datePublic": "2018-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "sensitive information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-26T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Agassi-L09,Agassi-W09,Baggio2-U01A,Bond-AL00C,Bond-AL10B,Bond-TL10B,Bond-TL10C,Haydn-L1JB,Kobe-L09A,Kobe-L09AHN,Kobe-W09C,LelandP-L22C,LelandP-L22D,Rhone-AL00,Selina-L02,Stanford-L09S,Toronto-AL00,Toronto-AL00A,Toronto-TL10",
"version": {
"version_data": [
{
"version_value": "Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001,Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001,Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001,Bond-AL00C Bond-AL00CC00B201,Bond-AL10B Bond-AL10BC00B201,Bond-TL10B Bond-TL10BC01B201,Bond-TL10C Bond-TL10CC01B131,Haydn-L1JB HDN-L1JC137B068,Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001,Kobe-L09AHN KOB-L09C233B226,Kobe-W09C KOB-W09C128B251CUSTC128D001,LelandP-L22C 8.0.0.101(C675CUSTC675D2),LelandP-L22D 8.0.0.101(C675CUSTC675D2),Rhone-AL00 Rhone-AL00C00B186,Selina-L02 Selina-L02C432B153,Stanford-L09S Stanford-L09SC432B183,Toronto-AL00 Toronto-AL00C00B223,Toronto-AL00A Toronto-AL00AC00B223,Toronto-TL10 Toronto-TL10C01B223"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "sensitive information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180919-02-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7907",
"datePublished": "2018-09-26T13:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}