CVE-2017-17145

3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 89.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Honor V9 Play Firmware
Timeline
PublishedMar 9
Latest updateMay 13

Description

Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages1 packages

NVDhuawei/honor_v9_play_firmware< jimmy-al00ac00b135

🔴Vulnerability Details

2
GHSA
GHSA-rgjf-89xc-84m7: Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design o2022-05-13
CVEList
CVE-2017-17145: Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design o2018-03-09
CVE-2017-17145 (MEDIUM CVSS 4.6) | Huawei Honor V9 Play smart phones w | cvebase.io