admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-27xx/CVE-2017-2728.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

125 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-2728",
"sourceIdentifier": "psirt@huawei.com",
"published": "2017-11-22T19:29:01.663",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen."
},
{
"lang": "es",
"value": "Algunos tel\u00e9fonos m\u00f3viles Huawei Honor 6X Berlin-L22C636B150 y versiones anteriores tienen una vulnerabilidad de omisi\u00f3n de desbloqueo Bluetooth. Si un usuario ha habilitado la funci\u00f3n smart unlock, un atacante puede suplantar el dispositivo Bluetooth del usuario para desbloquear la pantalla del tel\u00e9fono m\u00f3vil del usuario. Los m\u00f3viles Huawei tienen una vulnerabilidad de omisi\u00f3n de desbloqueo Bluetooth debido a la falta de validaci\u00f3n en dispositivos Bluetooth. Si un usuario ha habilitado la funci\u00f3n smart unlock, un atacante puede suplantar el dispositivo Bluetooth del usuario para desbloquear la pantalla del tel\u00e9fono m\u00f3vil del usuario."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "berlin-l22c636b150",
"matchCriteriaId": "78EF2CC9-FB88-4047-A077-DB408118D0E3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07006372-CA98-4256-9C07-A2152A8D2BBA"
}
]
}
]
}
],
"references": [
{
"url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170323-01-smartphone-en",
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/97042",
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink