CVE-2018-7907

Name of the Vulnerable Software and Affected Versions: Huawei Agassi-L09 versions AGS-L09C100B257CUSTC100D001 through AGS-L09C229B003CUSTC229D001 Huawei Agassi-W09 versions AGS-W09C100B257CUSTC100D001 through AGS-W09C794B001CUSTC794D001 Huawei Baggio2-U01A versions BG2-U01C100B160CUSTC100D001 through BG2-U01C333B160CUSTC333D001 Huawei Bond-AL00C version Bond-AL00CC00B201 Huawei Bond-AL10B version Bond-AL10BC00B201 Huawei Bond-TL10B version Bond-TL10BC01B201 Huawei Bond-TL10C version Bond-TL10CC01B131 Huawei Haydn-L1JB version HDN-L1JC137B068 Huawei Kobe-L09A versions KOB-L09C100B252CUSTC100D001 through KOB-L09C362B001CUSTC362D001 Huawei Kobe-L09AHN version KOB-L09C233B226 Huawei Kobe-W09C version KOB-W09C128B251CUSTC128D001 Huawei LelandP-L22C version 8.0.0.101(C675CUSTC675D2) Huawei LelandP-L22D version 8.0.0.101(C675CUSTC675D2) Huawei Rhone-AL00 version Rhone-AL00C00B186 Huawei Selina-L02 version Selina-L02C432B153 Huawei Stanford-L09S version Stanford-L09SC432B183 Huawei Toronto-AL00 versions Toronto-AL00C00B223 Huawei Toronto-AL00A version Toronto-AL00AC00B223 Huawei Toronto-TL10 version Toronto-TL10C01B223

Description: The issue is related to a sensitive information leak. An attacker can exploit this by tricking a user into installing a malicious application. The root cause is insufficient verification of the input, which can lead to the leak of sensitive information when the vulnerability is successfully exploited.

Recommendations: For Huawei Agassi-L09 versions AGS-L09C100B257CUSTC100D001 through AGS-L09C229B003CUSTC229D001, update to a version with the fix. For Huawei Agassi-W09 versions AGS-W09C100B257CUSTC100D001 through AGS-W09C794B001CUSTC794B001, update to a version with the fix. For Huawei Baggio2-U01A versions BG2-U01C100B160CUSTC100D001 through BG2-U01C333B160CUSTC333D001, update to a version with the fix. For Huawei Bond-AL00C version Bond-AL00CC00B201, update to a version with the fix. For Huawei Bond-AL10B version Bond-AL10BC00B201, update to a version with the fix. For Huawei Bond-TL10B version Bond-TL10BC01B201, update to a version with the fix. For Huawei Bond-TL10C version Bond-TL10CC01B131, update to a version with the fix. For Huawei Haydn-L1JB version HDN-L1JC137B068, update to a version with the fix. For Huawei Kobe-L09A versions KOB-L09C100B252CUSTC100D001 through KOB-L09C362B001CUSTC362D001, update to a version with the fix. For Huawei Kobe-L09AHN version KOB-L09C233B226, update to a version with the fix. For Huawei Kobe-W09C version KOB-W09C128B251CUSTC128D001, update to a version with the fix. For Huawei LelandP-L22C version 8.0.0.101(C675CUSTC675D2), update to a version with the fix. For Huawei LelandP-L22D version 8.0.0.101(C675CUSTC675D2), update to a version with the fix. For Huawei Rhone-AL00 version Rhone-AL00C00B186, update to a version with the fix. For Huawei Selina-L02 version Selina-L02C432B153, update to a version with the fix. For Huawei Stanford-L09S version Stanford-L09SC432B183, update to a version with the fix. For Huawei Toronto-AL00 versions Toronto-AL00C00B223, update to a version with the fix. For Huawei Toronto-AL00A version Toronto-AL00AC00B223, update to a version with the fix. For Huawei Toronto-TL10 version Toronto-TL10C01B223, update to a version with the fix. At the moment, there is no information about a newer version that contains a fix for this vulnerability.