CVE-2023-34156Session Fixation in Huawei Harmonyos

CWE-384Session Fixation3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 84.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedJun 19

Description

Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

CVEListV5huawei/harmonyos5 versions+4
CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-x86v-p8fr-6c2m: Vulnerability of services denied by early fingerprint APIs on HarmonyOS products2023-06-19
CVEList
CVE-2023-34156: Vulnerability of services denied by early fingerprint APIs on HarmonyOS products2023-06-19
CVE-2023-34156 — Session Fixation in Huawei Harmonyos | cvebase