2023-09-25 14:00:28 +00:00
{
"id" : "CVE-2023-41303" ,
"sourceIdentifier" : "psirt@huawei.com" ,
"published" : "2023-09-25T13:15:11.557" ,
2023-09-25 18:00:31 +00:00
"lastModified" : "2023-09-25T17:37:26.753" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-09-25 14:00:28 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified."
2023-09-25 18:00:31 +00:00
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de inyecci\u00f3n de comandos en el m\u00f3dulo del sistema de archivos distribuido. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar que se modifiquen variables en la estructura del sock."
2023-09-25 14:00:28 +00:00
}
] ,
2023-09-25 18:00:31 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
]
} ,
2023-09-25 14:00:28 +00:00
"weaknesses" : [
2023-09-25 18:00:31 +00:00
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-77"
}
]
} ,
2023-09-25 14:00:28 +00:00
{
"source" : "psirt@huawei.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-20"
}
]
}
] ,
2023-09-25 18:00:31 +00:00
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "353AEAF2-AF46-4835-93E1-4F942D5E2810"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "20112231-B840-44D3-A061-B9B9F80EE378"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "64118936-E2A5-4935-8594-29DF29B5475A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C01447F1-7F58-4AE3-B403-C01B2575D898"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CB3751C1-7729-41D3-AE50-80B5AF601135"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
}
]
}
]
}
] ,
2023-09-25 14:00:28 +00:00
"references" : [
{
"url" : "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158" ,
2023-09-25 18:00:31 +00:00
"source" : "psirt@huawei.com" ,
"tags" : [
"Vendor Advisory"
]
2023-09-25 14:00:28 +00:00
} ,
{
"url" : "https://https://consumer.huawei.com/en/support/bulletin/2023/9/" ,
2023-09-25 18:00:31 +00:00
"source" : "psirt@huawei.com" ,
"tags" : [
"Broken Link" ,
"Vendor Advisory"
]
2023-09-25 14:00:28 +00:00
}
]
}
