PT-2019-17521 · Huawei · P30

Publicado

2019-11-12

Atualizado

2019-11-15

CVE-2019-5231

CVSS v3.1

4.6

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions P30 smartphones versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1)

Description The issue is related to improper authorization. The software fails to correctly perform an authorization check when a user attempts to perform a certain action. This could allow an attacker to update a crafted package if the exploit is successful.

Recommendations For versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1), update to a version that includes the necessary authorization checks to prevent exploitation.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2019-5231

Produtos afetados

P30

PT-2019-17521 · Huawei · P30

CVE-2019-5231

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3