mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
106 lines
3.2 KiB
JSON
106 lines
3.2 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2022-37008",
|
||
|
|
"sourceIdentifier": "psirt@huawei.com",
|
||
|
|
"published": "2022-08-10T20:16:04.967",
|
||
|
|
"lastModified": "2022-08-15T17:58:26.997",
|
||
|
|
"vulnStatus": "Analyzed",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "El m\u00f3dulo recovery presenta una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de un paquete de actualizaci\u00f3n antes de su uso. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del sistema"
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV31": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "3.1",
|
||
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
|
|
"attackVector": "NETWORK",
|
||
|
|
"attackComplexity": "LOW",
|
||
|
|
"privilegesRequired": "NONE",
|
||
|
|
"userInteraction": "NONE",
|
||
|
|
"scope": "UNCHANGED",
|
||
|
|
"confidentialityImpact": "NONE",
|
||
|
|
"integrityImpact": "NONE",
|
||
|
|
"availabilityImpact": "HIGH",
|
||
|
|
"baseScore": 7.5,
|
||
|
|
"baseSeverity": "HIGH"
|
||
|
|
},
|
||
|
|
"exploitabilityScore": 3.9,
|
||
|
|
"impactScore": 3.6
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-345"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
|
||
|
|
"source": "psirt@huawei.com",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
|
||
|
|
"source": "psirt@huawei.com",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|