Lucene search

[email protected]CVE-2022-44564

HistoryDec 28, 2022 - 6:15 p.m.

CVE-2022-44564

2022-12-2818:15:09

CWE-22

[email protected]

web.nvd.nist.gov

huawei

aslan

children's watch

cve-2022-44564

nvd

vulnerability

path traversal

exploitation

system resources

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.6%

JSON

Huawei Aslan Children’s Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources.

Affected configurations

NVD

Node

huaweiaslan-al10Match-

AND

huaweiaslan-al10_firmwareRange11.1.0.118\(c00m06\)–11.1.0.10118\(c00m06\)

CPENameOperatorVersion
huawei:aslan-al10_firmwarehuawei aslan-al10 firmwarele11.1.0.10118\(c00m06\)

CPE	Name	Operator	Version
huawei:aslan-al10_firmware	huawei aslan-al10 firmware	le	11.1.0.10118\(c00m06\)

CNA Affected

[
  {
    "vendor": "Huawei",
    "product": "Aslan-AL10",
    "versions": [
      {
        "version": "11.1.0.118(C00M06)-11.1.0.10118(C00M06)",
        "status": "affected"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20221102-01-d002dd8e-en

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.6%

JSON

Related for CVE-2022-44564

prion1 cvelist1 nvd1 huawei1