CVE-2019-5263

{"id": "CVE-2019-5263", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-11-29T20:15:12.003", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-backup-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-backup-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup."}, {"lang": "es", "value": "HiSuite con versiones 9.1.0.305 y anteriores y 9.1.0.305(MAC) y anteriores y HwBackup con versiones anteriores a 9.1.1.308, presentan una vulnerabilidad de datos de copia de seguridad encriptados por fuerza bruta. La informaci\u00f3n de la copia de seguridad del usuario del tel\u00e9fono inteligente Huawei puede ser obtenida mediante fuerza bruta de la contrase\u00f1a para cifrar la copia de seguridad."}], "lastModified": "2024-11-21T04:44:37.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:huawei:hisuite:*:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "7D75F234-2669-42CA-A0A1-B098090311C8", "versionEndIncluding": "9.1.0.305"}, {"criteria": "cpe:2.3:a:huawei:hisuite:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "C441C288-AA09-4D71-A6B2-9CD5301AE6FA", "versionEndIncluding": "9.1.0.305"}, {"criteria": "cpe:2.3:a:huawei:hwbackup:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE40AA61-6819-49F0-A027-35ED2F81B89A", "versionEndIncluding": "9.1.1.308"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@huawei.com"}