var-201711-0982
Vulnerability from variot
Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery. plural Huawei Smartphone software contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 and other are all Huawei smartphones from China. There are resource consumption vulnerabilities in various Huawei phones. Huawei Honor Play 5A, etc. are all smartphone products of the Chinese company Huawei. The following products and versions are affected: Huawei Honor Play 5A CAM-L03C605B143CUSTC605D003 and earlier versions; Honor 8 Youth Edition Prague-L03C605B161 and earlier Prague-L23C605B160 versions; Mate9 MHA-AL00C00B225 and earlier versions; Mate9 Pro LON-AL00C00B225 Versions before; P10 VTR-AL00C00B167 and VTR-TL00C01B167; P10 Plus VKY-AL00C00B167 and VKY-TL00C01B167
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0982",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "honor 5a",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "cam-l03c605b143custc605d003"
},
{
"model": "honor 8 lite",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-l03c605b161"
},
{
"model": "honor 8 lite",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "prague-l23c605b160"
},
{
"model": "mate 9 pro",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "lon-al00c00b225"
},
{
"model": "mate 9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "mha-al00c00b225"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vky-al00c00b167"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vky-tl00c01b167"
},
{
"model": "p10",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vtr-al00c00b167"
},
{
"model": "p10",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vtr-tl00c01b167"
},
{
"model": "p10 plus vky-al00c00b167",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus vky-tl00c01b167",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 vtr-al00c00b167",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 vtr-tl00c01b167",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003cmha-al00c00b225",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate pro lon-al00c00b225",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9\u003c"
},
{
"model": "honor 5a cam-l03c605b143custc605d003",
"scope": "lt",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor youth edition prague-l03c605b161",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8\u003c"
},
{
"model": "honor youth edition prague-l23c605b160",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8\u003c"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:honor_5a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:honor_8_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:mate_9_pro_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:mate_9_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p10_plus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Erez Yalon of Checkmarx",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
}
],
"trust": 0.6
},
"cve": "CVE-2017-8144",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-8144",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19186",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-116347",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-8144",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8144",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-8144",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19186",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-140",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116347",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery. plural Huawei Smartphone software contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 and other are all Huawei smartphones from China. There are resource consumption vulnerabilities in various Huawei phones. Huawei Honor Play 5A, etc. are all smartphone products of the Chinese company Huawei. The following products and versions are affected: Huawei Honor Play 5A CAM-L03C605B143CUSTC605D003 and earlier versions; Honor 8 Youth Edition Prague-L03C605B161 and earlier Prague-L23C605B160 versions; Mate9 MHA-AL00C00B225 and earlier versions; Mate9 Pro LON-AL00C00B225 Versions before; P10 VTR-AL00C00B167 and VTR-TL00C01B167; P10 Plus VKY-AL00C00B167 and VKY-TL00C01B167",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8144"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8144",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19186",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116347",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"id": "VAR-201711-0982",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
}
],
"trust": 1.468724446
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
}
]
},
"last_update_date": "2024-11-23T23:12:17.805000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170725-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en"
},
{
"title": "Patches for resource consumption vulnerabilities in various Huawei phones",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/99591"
},
{
"title": "Multiple Huawei Mobile phone security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=72382"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-920",
"trust": 1.0
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116347"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8144"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8144"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170725-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"db": "VULHUB",
"id": "VHN-116347"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116347"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"date": "2017-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"date": "2017-11-22T19:29:03.117000",
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19186"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-116347"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010809"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-140"
},
{
"date": "2024-11-21T03:33:24.477000",
"db": "NVD",
"id": "CVE-2017-8144"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to resource management in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010809"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-140"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.