Lucene search
HistoryDec 28, 2022 - 6:15 p.m.
CVE-2022-45874
huawei
aslan
children's watch
authorization vulnerability
exploit
file access
cve-2022-45874
nvd
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Huawei Aslan Children’s Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.
Affected configurations
Node
huaweiaslan-al10Match-
huaweiaslan-al10_firmwareRange11.1.0.118\(c00m06\)–11.1.0.10118\(c00m06\)
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:aslan-al10_firmware | huawei aslan-al10 firmware | le | 11.1.0.10118\(c00m06\) |
CNA Affected
[
{
"vendor": "Huawei",
"product": "Aslan-AL10",
"versions": [
{
"version": "11.1.0.118(C00M06)-11.1.0.10118(C00M06)",
"status": "affected"
},
{
"version": "11.1.0.118(C00M06)",
"status": "affected"
}
]
}
]Related
prion
prion
Authorization
2022-12-28 18:15:00
cvelist
cvelist
CVE-2022-45874
2022-12-28 00:00:00
nvd
nvd
CVE-2022-45874
2022-12-28 18:15:09
huawei
huawei
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2022-45874