CVE-2019-5251

There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:enjoy_7s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:enjoy_7s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:m6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:m6:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:honor_20s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_20s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:44

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en - Vendor Advisory

Information

Published : 2019-12-13 15:15

Updated : 2024-11-21 04:44


NVD link : CVE-2019-5251

Mitre link : CVE-2019-5251

CVE.ORG link : CVE-2019-5251


JSON object : View

Products Affected

huawei

  • honor_9i_firmware
  • p30_pro
  • p30_pro_firmware
  • mate_20
  • honor_v10_firmware
  • honor_20s_firmware
  • p30
  • enjoy_7s_firmware
  • m6
  • honor_9_lite
  • mate_20_firmware
  • p30_firmware
  • honor_20s
  • enjoy_7s
  • honor_v10
  • m6_firmware
  • honor_9_lite_firmware
  • honor_9i
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')