CVE-2017-8214

CWE-287 — Improper Authentication3 documents3 sources

Severity

6.2MEDIUM

EPSS

0.0%

top 96.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 8 Firmware Huawei Honor 9 Firmware Huawei Honor V8 Firmware +6 more

Timeline

PublishedNov 22

Latest updateMay 13

Description

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Du…

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.3 | Impact: 5.9

Affected Packages9 packages

▶NVDhuawei/honor_8_firmware< frd-al00c00b391+1

▶NVDhuawei/honor_9_firmware< stanford-al00c00b175+2

▶NVDhuawei/honor_v8_firmware< knt-al10c00b391+3

▶NVDhuawei/honor_v9_firmware< duke-al20c00b191+1

▶NVDhuawei/nova_2_plus_firmware< barca-al00c00b162+1

🔴Vulnerability Details

GHSA

GHSA-v494-p7p8-9c4w: Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, v↗2022-05-13

▶

CVEList

CVE-2017-8214: Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, v↗2017-11-22

▶

External resources

NVD MITRE

Affected products9

Huawei Honor 8 Firmwarefixed in frd-al00c00b391fixed in frd-dl00c00b391

Huawei Honor 9 Firmwarefixed in stanford-al00c00b175fixed in stanford-al10c00b175fixed in stanford-tl00c01b175

Huawei Honor V8 Firmwarefixed in knt-al10c00b391fixed in knt-al20c00b391fixed in knt-ul10c00b391+1 more

Huawei Honor V9 Firmwarefixed in duke-al20c00b191fixed in duke-tl30c01b191

Huawei Nova 2 Firmwarefixed in picasso-al00c00b162fixed in picasso-tl00c01b162

Huawei Nova 2 Plus Firmwarefixed in barca-al00c00b162fixed in barca-tl00c00b162

Huawei P10 Plus Firmwarefixed in vicky-al00ac00b172

Huawei P9 Firmwarefixed in eva-al10c00b396sp03fixed in eva-cl00c92b396fixed in eva-dl00c17b396+1 more

Huawei Toronto Firmwarefixed in toronto-al00ac00b191fixed in toronto-tl10c01b191

Disclosure

PublishedNov 22, 2017

Latest updateMay 13, 2022