← Back

CVE-2018-7956

nvd nist
Published: Dec 4, 2018Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.

Affected (4)

Huawei
4 products
Vip App
Mate 20 Firmware
Nova 3i Firmware
Nova 3 Firmware
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Vip App
Before 4.0.5
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mate 20 Firmware
All versions
Running on/withPlatform Versions
Huawei
Mate 20
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nova 3i Firmware
All versions
Running on/withPlatform Versions
Huawei
Nova 3i
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nova 3 Firmware
All versions
Running on/withPlatform Versions
Huawei
Nova 3
All versions

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.