| |
Vulnerability CVE-2017-2723
Published: 2017-11-22
| Description: |
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak. |
Type:
CWE-312 (Cleartext Storage of Sensitive Information)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-files-en
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
