7 - CVE-2019-5216

Executive Summary

Informations
Name	CVE-2019-5216	First vendor Publication	2019-06-06
Vendor	Cve	Last vendor Modification	2019-06-10

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Overall CVSS Score	7
Base Score	7	Environmental Score	7
impact SubScore	5.9	Temporal Score	7
Exploitabality Sub Score	1

Attack Vector	Local	Attack Complexity	High
Privileges Required	None	User Interaction	Required
Scope	Unchanged	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.6	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5216

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-362	Race Condition

CPE : Common Platform Enumeration

Type	Description	Count
Os	Huawei Honor 10 Firmware cpe:2.3:o:huawei:honor_10_firmware::::::::	1
Os	Huawei Honor Play Firmware cpe:2.3:o:huawei:honor_play_firmware::::::::	1
Os	Huawei Honor View 10 Firmware cpe:2.3:o:huawei:honor_view_10_firmware:::::::: cpe:2.3:o:huawei:honor_view_10_firmware:-:::::::*	2

Sources (Detail)

Source	Url
CONFIRM	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smar...

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-11-05 01:38:42	Multiple Updates
2020-05-23 02:30:25	Multiple Updates
2019-09-10 12:11:04	Multiple Updates
2019-08-01 12:06:21	Multiple Updates
2019-07-31 12:10:47	Multiple Updates
2019-06-10 21:19:20	Multiple Updates
2019-06-06 21:19:44	First insertion

Type	Count
CWE ID(s)	1
CPE ID(s)	4
Sources(s)	1

7 - CVE-2019-5216

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU