The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak.
References
Configurations
History
21 Nov 2024, 03:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en - VDB Entry |
Information
Published : 2017-11-22 19:29
Updated : 2024-11-21 03:24
NVD link : CVE-2017-2715
Mitre link : CVE-2017-2715
CVE.ORG link : CVE-2017-2715
JSON object : View
Products Affected
huawei
- files
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor