CVE-2017-2715

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak.
Configurations

Configuration 1 (hide)

cpe:2.3:a:huawei:files:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:24

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en - VDB Entry () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en - VDB Entry

Information

Published : 2017-11-22 19:29

Updated : 2024-11-21 03:24


NVD link : CVE-2017-2715

Mitre link : CVE-2017-2715

CVE.ORG link : CVE-2017-2715


JSON object : View

Products Affected

huawei

  • files
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor