Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHuaweiCVE-2017-15322
HistoryDec 22, 2017 - 5:29 p.m.

CVE-2017-15322

2017-12-2217:29:13
CWE-20
huawei
web.nvd.nist.gov
26
huawei
smartphones
dos
vulnerability
input validation
nfc
exploit
crash
cve-2017-15322

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

30.1%

JSON

Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash.

Affected configurations

Nvd
Node
huaweibaggio-l03a_firmwareMatchbgo-l03c158b003custc158d001
OR
huaweibaggio-l03a_firmwareMatchbgo-l03c331b009custc331d001
AND
huaweibaggio-l03aMatch-
VendorProductVersionCPE
huaweibaggio-l03a_firmwarebgo-l03c158b003custc158d001cpe:2.3:o:huawei:baggio-l03a_firmware:bgo-l03c158b003custc158d001:*:*:*:*:*:*:*
huaweibaggio-l03a_firmwarebgo-l03c331b009custc331d001cpe:2.3:o:huawei:baggio-l03a_firmware:bgo-l03c331b009custc331d001:*:*:*:*:*:*:*
huaweibaggio-l03a-cpe:2.3:h:huawei:baggio-l03a:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Baggio-L03A",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "BGO-L03C158B003CUSTC158D001"
      },
      {
        "status": "affected",
        "version": "BGO-L03C331B009CUSTC331D001"
      }
    ]
  }
]

Related

nvd 1
huawei 1
prion 1
cvelist 1
nvd
nvd
CVE-2017-15322
2017-12-22 17:29:13
huawei
huawei
Security Advisory - DoS Vulnerability in Some Huawei Products
2017-11-15 00:00:00
prion
prion
Input validation
2017-12-22 17:29:00
cvelist
cvelist
CVE-2017-15322
2017-12-22 17:00:00

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

30.1%

JSON
Related for CVE-2017-15322
nvd1huawei1prion1cvelist1