cvelistv5 - CVE-2017-2705

CVE-2017-2705

Vulnerability from cvelistv5

Published

2017-11-22 19:00

Modified

2024-09-17 02:57

Severity ?

Summary

References

URL	Tags
psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en	Issue Tracking, Vendor Advisory
psirt@huawei.com	http://www.securityfocus.com/bid/95661	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95661	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	Huawei P9	Version: Versions earlier before EVA-AL10C00B365, Versions earlier before EVA-AL00C00B365, Versions earlier before EVA-CL00C92B365, Versions earlier before EVA-DL00C17B365, Versions earlier before EVA-TL00C01B365

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
          },
          {
            "name": "95661",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95661"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Huawei P9",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Versions earlier before EVA-AL10C00B365, Versions earlier before EVA-AL00C00B365, Versions earlier before EVA-CL00C92B365, Versions earlier before EVA-DL00C17B365, Versions earlier before EVA-TL00C01B365"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Phone Activation Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-23T10:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
        },
        {
          "name": "95661",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95661"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-11-15T00:00:00",
          "ID": "CVE-2017-2705",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Huawei P9",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions earlier before EVA-AL10C00B365, Versions earlier before EVA-AL00C00B365, Versions earlier before EVA-CL00C92B365, Versions earlier before EVA-DL00C17B365, Versions earlier before EVA-TL00C01B365"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Phone Activation Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
            },
            {
              "name": "95661",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95661"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-2705",
    "datePublished": "2017-11-22T19:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-17T02:57:56.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2705\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2017-11-22T19:29:00.757\",\"lastModified\":\"2024-11-21T03:24:01.170\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.\"},{\"lang\":\"es\",\"value\":\"Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL10C00B365, anteriores a la EVA-AL00C00B365, anteriores a la EVA-CL00C92B365, anteriores a la EVA-DL00C17B365 y versiones anteriores a la EVA-TL00C01B365 tienen una vulnerabilidad de omisi\u00f3n de activaci\u00f3n del tel\u00e9fono. Un exploit exitoso podr\u00eda permitir que un atacante no autenticado omita la activaci\u00f3n del tel\u00e9fono en la p\u00e1gina de configuraci\u00f3n del tel\u00e9fono.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":2.4,\"baseSeverity\":\"LOW\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"eva-al00c00b365\",\"matchCriteriaId\":\"A3EE763A-E94A-409E-B18E-1C3D8B019A31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"eva-al10c00b365\",\"matchCriteriaId\":\"9AC0DE37-8554-4991-8635-88C8142CEE2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"eva-cl00c92b365\",\"matchCriteriaId\":\"9E42B312-E33B-43F6-AEAF-48D45FBCE02D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"eva-dl00c17b365\",\"matchCriteriaId\":\"C236BA60-0F13-41C2-B264-764E99521920\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"eva-tl00c01b365\",\"matchCriteriaId\":\"D12D80E6-161A-45F8-BE8D-E3F156C722C0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95661\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95661\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

gsd-2017-2705

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-2705

Aliases

CVE-2017-2705

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2705",
    "description": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.",
    "id": "GSD-2017-2705"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2705"
      ],
      "details": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.",
      "id": "GSD-2017-2705",
      "modified": "2023-12-13T01:21:05.840982Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "DATE_PUBLIC": "2017-11-15T00:00:00",
        "ID": "CVE-2017-2705",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Huawei P9",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions earlier before EVA-AL10C00B365, Versions earlier before EVA-AL00C00B365, Versions earlier before EVA-CL00C92B365, Versions earlier before EVA-DL00C17B365, Versions earlier before EVA-TL00C01B365"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Huawei Technologies Co., Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Phone Activation Bypass"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
          },
          {
            "name": "95661",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95661"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "eva-al00c00b365",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "eva-al10c00b365",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "eva-cl00c92b365",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "eva-dl00c17b365",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "eva-tl00c01b365",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-2705"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
            },
            {
              "name": "95661",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95661"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 0.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-11-22T19:29Z"
    }
  }
}

Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone product from China's Huawei company. HuaweiP9 has a mobile activation bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0221",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "p9",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "eva-al00c00b365"
      },
      {
        "model": "p9",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "eva-al10c00b365"
      },
      {
        "model": "p9",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "eva-cl00c92b365"
      },
      {
        "model": "p9",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "eva-dl00c17b365"
      },
      {
        "model": "p9",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "eva-tl00c01b365"
      },
      {
        "model": "p9 \u003ceva-al00c00b365",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 \u003ceva-cl00c92b365",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 \u003ceva-dl00c17b365",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00b195",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00b193",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00b192",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00b190",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl10c00",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl00c01b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00b195",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00b193",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00b192",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00b190",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl10c00",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl00c17b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00b195",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00b193",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00b192",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00b190",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl10c00",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl00c92b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b373",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b352",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b195",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b193",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b192",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b190",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al00c00b352",
        "scope": null,
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-tl00c01b365",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-dl00c17b365",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-cl00c92b365",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al10c00b365",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p9 eva-al00c00b365",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "BID",
        "id": "95661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:huawei:p9_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "95661"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2705",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-2705",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-00661",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-110908",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 0.9,
            "id": "CVE-2017-2705",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2705",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2705",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-00661",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201701-772",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110908",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone product from China\u0027s Huawei company. HuaweiP9 has a mobile activation bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "BID",
        "id": "95661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2705",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "95661",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "db": "BID",
        "id": "95661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "id": "VAR-201711-0221",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      }
    ],
    "trust": 1.28483934
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:30:38.270000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20170118-02-smartphone",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
      },
      {
        "title": "HuaweiP9 mobile phone activates the patch to bypass the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/88422"
      },
      {
        "title": "Huawei P9 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67331"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/95661"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2705"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2705"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170118-02-smartphone-cn"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "db": "BID",
        "id": "95661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "db": "BID",
        "id": "95661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-01-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "date": "2017-11-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "date": "2017-01-18T00:00:00",
        "db": "BID",
        "id": "95661"
      },
      {
        "date": "2017-12-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "date": "2017-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "date": "2017-11-22T19:29:00.757000",
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-01-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-00661"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110908"
      },
      {
        "date": "2017-01-23T03:11:00",
        "db": "BID",
        "id": "95661"
      },
      {
        "date": "2017-12-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      },
      {
        "date": "2024-11-21T03:24:01.170000",
        "db": "NVD",
        "id": "CVE-2017-2705"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei P9 Smartphone software access control vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-010492"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-772"
      }
    ],
    "trust": 0.6
  }
}

ghsa-3mfm-97cm-96cr

Vulnerability from github

Published

2022-05-13 01:44

Modified

2022-05-13 01:44

Severity ?

2.4 (Low) - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2705"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-22T19:29:00Z",
    "severity": "LOW"
  },
  "details": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.",
  "id": "GHSA-3mfm-97cm-96cr",
  "modified": "2022-05-13T01:44:54Z",
  "published": "2022-05-13T01:44:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2705"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95661"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2017-2705

Vulnerability from fkie_nvd

Published

2017-11-22 19:29

Modified

2024-11-21 03:24

Severity ?

2.4 (Low) - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

URL	Tags
psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en	Issue Tracking, Vendor Advisory
psirt@huawei.com	http://www.securityfocus.com/bid/95661	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95661	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
huawei	p9_firmware	*
huawei	p9	-
huawei	p9_firmware	*
huawei	p9	-
huawei	p9_firmware	*
huawei	p9	-
huawei	p9_firmware	*
huawei	p9	-
huawei	p9_firmware	*
huawei	p9	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3EE763A-E94A-409E-B18E-1C3D8B019A31",
              "versionEndExcluding": "eva-al00c00b365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC0DE37-8554-4991-8635-88C8142CEE2C",
              "versionEndExcluding": "eva-al10c00b365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E42B312-E33B-43F6-AEAF-48D45FBCE02D",
              "versionEndExcluding": "eva-cl00c92b365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236BA60-0F13-41C2-B264-764E99521920",
              "versionEndExcluding": "eva-dl00c17b365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12D80E6-161A-45F8-BE8D-E3F156C722C0",
              "versionEndExcluding": "eva-tl00c01b365",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone."
    },
    {
      "lang": "es",
      "value": "Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL10C00B365, anteriores a la EVA-AL00C00B365, anteriores a la EVA-CL00C92B365, anteriores a la EVA-DL00C17B365 y versiones anteriores a la EVA-TL00C01B365 tienen una vulnerabilidad de omisi\u00f3n de activaci\u00f3n del tel\u00e9fono. Un exploit exitoso podr\u00eda permitir que un atacante no autenticado omita la activaci\u00f3n del tel\u00e9fono en la p\u00e1gina de configuraci\u00f3n del tel\u00e9fono."
    }
  ],
  "id": "CVE-2017-2705",
  "lastModified": "2024-11-21T03:24:01.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "LOW",
          "baseScore": 2.4,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-22T19:29:00.757",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
    },
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95661"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95661"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-2705

Vulnerability from cvelistv5

gsd-2017-2705

Vulnerability from gsd

var-201711-0221

Vulnerability from variot

ghsa-3mfm-97cm-96cr

Vulnerability from github

fkie_cve-2017-2705

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature