{"id": "CVE-2017-2710", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.9}]}, "published": "2017-11-22T19:29:00.943", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "http://www.securityfocus.com/bid/98712", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed."}, {"lang": "es", "value": "BTV-W09C229B002CUSTC229D005, BTV-W09C233B029, versiones anteriores a la BTV-W09C100B006CUSTC100D002, anteriores a la BTV-W09C128B003CUSTC128D002, anteriores a la BTV-W09C199B002CUSTC199D002, anteriores a la BTV-W09C209B005CUSTC209D001, anteriores a la BTV-W09C331B002CUSTC331D001, anteriores a la CRR-L09C432B390 y las versiones anteriores a la CRR-L09C605B355CUSTC605D003 tienen una vulnerabilidad de segurida de omisi\u00f3n de Factory Reset Protection (FRP). Al reconfigurar el tel\u00e9fono m\u00f3vil empleando la funci\u00f3n factory reset protection (FRP), un atacante puede realizar algunas operaciones para actualizar la cuenta de Google. Como resultado, se omite la funci\u00f3n FRP."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c229b002custc229d005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "929EB58C-7E30-47A0-A660-EF4532395BF9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c233b029:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "637164D2-0F09-4077-B952-A918CF11D15F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8AC1C1F-10A4-4B2D-A5DB-8A44AF38EC3A", "versionEndExcluding": "btv-w09c100b006custc100d002"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05FD4EDF-B5C2-4FCE-ADF9-6240571FC754", "versionEndExcluding": "btv-w09c128b003custc128d002"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E5462AB-7C87-451B-B01C-4BDE9C3AFC73", "versionEndExcluding": "btv-w09c199b002custc199d002"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C9C3E58-2B26-4AE0-9351-6E9CF55A4412", "versionEndExcluding": "btv-w09c209b005custc209d001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:beethoven-w09a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "212B7634-E057-41AE-B24F-8A7C37327698", "versionEndExcluding": "btv-w09c331b002custc331d001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D0C3359-8792-48EF-BF72-540A65B5A535"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:crr-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F048E2DD-1138-4A7E-B65F-347F3C46E1C6", "versionEndExcluding": "crr-l09c432b390"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:crr-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA595177-C2DC-4573-BE82-A4626E308F3E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:crr-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDB7E0B-D284-49CA-8752-5631AD172BD4", "versionEndExcluding": "crr-l09c605b355custc605d003"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:crr-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA595177-C2DC-4573-BE82-A4626E308F3E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}
