CVE-2020-1813

CWE-306Missing AuthenticationCWE-287Improper Authentication4 documents4 sources
Severity
6.8MEDIUM
EPSS
0.0%
top 93.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P30 Firmware
Timeline
PublishedJun 15
Latest updateMay 24

Description

HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/p30_firmware< 10.1.0.135\(c00e135r2p11\)
CVEListV5huawei_p30Versions earlier than 10.1.0.135(C00E135R2P11)

🔴Vulnerability Details

2
GHSA
GHSA-mqqw-5995-r7pj: HUAWEI P30 smart phone with versions earlier than 102022-05-24
CVEList
CVE-2020-1813: HUAWEI P30 smart phone with versions earlier than 102020-06-15

💬Community

1
Bugzilla
CVE-2020-2252 jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM2020-09-18
CVE-2020-1813 (MEDIUM CVSS 6.8) | HUAWEI P30 smart phone with version | cvebase.io