diff --git a/2018/7xxx/CVE-2018-7956.json b/2018/7xxx/CVE-2018-7956.json index 1521f48a8cd..59d53569b78 100644 --- a/2018/7xxx/CVE-2018-7956.json +++ b/2018/7xxx/CVE-2018-7956.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "psirt@huawei.com", "ID" : "CVE-2018-7956", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Huawei VIP App", + "version" : { + "version_data" : [ + { + "version_value" : "versions before 4.0.5" + } + ] + } + } + ] + }, + "vendor_name" : "Huawei Technologies Co., Ltd." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability that attackers can conduct bruteforce to the VIP App Web Services to get user information." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "information leakage" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en" } ] } diff --git a/2018/7xxx/CVE-2018-7987.json b/2018/7xxx/CVE-2018-7987.json index 20e41788bfd..bc346f4223c 100644 --- a/2018/7xxx/CVE-2018-7987.json +++ b/2018/7xxx/CVE-2018-7987.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "psirt@huawei.com", "ID" : "CVE-2018-7987", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Huawei P20", + "version" : { + "version_data" : [ + { + "version_value" : "the versions before 8.1.0.171(C00)" + } + ] + } + } + ] + }, + "vendor_name" : "Huawei Technologies Co., Ltd." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "There is an out-of-bounds write vulnerability on several smartphones. The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful exploit could cause a denial of service condition." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "out-of-bounds write" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181128-02-smartphone-en" } ] }