CVE-2017-15345

{"id": "CVE-2017-15345", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.7, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 5.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2018-02-15T16:29:01.000", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot."}, {"lang": "es", "value": "Los smartphones Huawei con software LON-L29DC721B186 tienen una vulnerabilidad de denegaci\u00f3n de servicio. Un atacante podr\u00eda crear una condici\u00f3n de salida de bucle inalcanzable mediante el env\u00edo del mensaje 3GPP manipulado. Una explotaci\u00f3n exitosa podr\u00eda hacer que el dispositivo se reinicie."}], "lastModified": "2024-11-21T03:14:30.650", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:lon-l29d_firmware:lon-l29dc721b186:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "520827CA-E768-4605-9E70-C6FA6E5D29E1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:lon-l29d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3652DBA0-1519-4D93-AA2B-C66F381F5C6A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}