CVE-2017-17139

Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:mate_9_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:17

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-04-smartphone-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-04-smartphone-en - Vendor Advisory

Information

Published : 2018-03-05 19:29

Updated : 2024-11-21 03:17


NVD link : CVE-2017-17139

Mitre link : CVE-2017-17139

CVE.ORG link : CVE-2017-17139


JSON object : View

Products Affected

huawei

  • mate_9_firmware
  • mate_9_pro_firmware
  • mate_9_pro
  • mate_9
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor