var-201711-0257
Vulnerability from variot
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a Huawei smartphone product from China. HuaweiP9 has a lock screen bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0257",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl00c92b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl00c17b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl00c01b373"
},
{
"model": "p9 \u003ceva-al10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl00c92b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl00c17b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p9 eva-tl00c01b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl00c17b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl00c92b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:p9_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95658"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2691",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-00662",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-110894",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-2691",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2691",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-2691",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-00662",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-773",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110894",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user\u0027s password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a Huawei smartphone product from China. HuaweiP9 has a lock screen bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "VULHUB",
"id": "VHN-110894"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2691",
"trust": 3.4
},
{
"db": "BID",
"id": "95658",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00662",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110894",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"id": "VAR-201711-0257",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
}
]
},
"last_update_date": "2024-11-23T22:34:27.635000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170118-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en"
},
{
"title": "HuaweiP9 lock screen bypasses the patch of the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/88421"
},
{
"title": "Huawei P9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67332"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95658"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2691"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2691"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170118-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110894"
},
{
"date": "2017-01-18T00:00:00",
"db": "BID",
"id": "95658"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"date": "2017-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"date": "2017-11-22T19:29:00.287000",
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-110894"
},
{
"date": "2017-01-23T00:12:00",
"db": "BID",
"id": "95658"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-773"
},
{
"date": "2024-11-21T03:23:59.293000",
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Smartphone software access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.