CVE-2023-0035

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Configurations

Configuration 1 (hide)

cpe:2.3:o:openatom:openharmony:*:*:*:*:lts:*:*:*

History

09 Sep 2024, 12:21

Type Values Removed Values Added
CPE cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:* cpe:2.3:o:openatom:openharmony:*:*:*:*:lts:*:*:*
First Time Openatom
Openatom openharmony
Summary
  • (es) softbus_client_stub en el subsistema de comunicación dentro de OpenHarmony-v3.0.5 y versiones anteriores tiene una vulnerabilidad de omisión de autenticación que permite un "SA relay attack". Los atacantes locales pueden omitir la autenticación y atacar a otras SA con altos privilegios.

07 Nov 2023, 03:59

Type Values Removed Values Added
Summary softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege. softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

Information

Published : 2023-01-09 03:15

Updated : 2024-09-09 12:21


NVD link : CVE-2023-0035

Mitre link : CVE-2023-0035

CVE.ORG link : CVE-2023-0035


JSON object : View

Products Affected

openatom

  • openharmony
CWE
CWE-294

Authentication Bypass by Capture-replay

CWE-287

Improper Authentication