CVE-2017-2693 Information
Description
ALE-L02C635B140 and earlier versionsALE-L02C636B140 and earlier versionsALE-L21C10B150 and earlier versionsALE-L21C185B200 and earlier versionsALE-L21C432B214 and earlier versionsALE-L21C464B150 and earlier versionsALE-L21C636B200 and earlier versionsALE-L23C605B190 and earlier versionsALE-TL00C01B250 and earlier versionsALE-UL00C00B250 and earlier versionsMT7-L09C605B325 and earlier versionsMT7-L09C900B339 and earlier versionsMT7-TL10C900B339 and earlier versionsCRR-CL00C92B172 and earlier versionsCRR-L09C432B180 and earlier versionsCRR-TL00C01B172 and earlier versionsCRR-UL00C00B172 and earlier versionsCRR-UL20C432B171 and earlier versionsGRA-CL00C92B230 and earlier versionsGRA-L09C432B222 and earlier versionsGRA-TL00C01B230SP01 and earlier versionsGRA-UL00C00B230 and earlier versionsGRA-UL00C10B201 and earlier versionsGRA-UL00C432B220 and earlier versionsH60-L04C10B523 and earlier versionsH60-L04C185B523 and earlier versionsH60-L04C636B527 and earlier versionsH60-L04C900B530 and earlier versionsPLK-AL10C00B220 and earlier versionsPLK-AL10C92B220 and earlier versionsPLK-CL00C92B220 and earlier versionsPLK-L01C10B140 and earlier versionsPLK-L01C185B130 and earlier versionsPLK-L01C432B187 and earlier versionsPLK-L01C432B190 and earlier versionsPLK-L01C432B190 and earlier versionsPLK-L01C636B130 and earlier versionsPLK-TL00C01B220 and earlier versionsPLK-TL01HC01B220 and earlier versionsPLK-UL00C17B220 and earlier versionsATH-AL00C00B210 and earlier versionsATH-AL00C92B200 and earlier versionsATH-CL00C92B210 and earlier versionsATH-TL00C01B210 and earlier versionsATH-TL00HC01B210 and earlier versionsATH-UL00C00B210 and earlier versionsRIO-AL00C00B220 and earlier versionsRIO-CL00C92B220 and earlier versionsRIO-TL00C01B220 and earlier versionsRIO-UL00C00B220 and earlier versions have a path traversal vulnerability. An attacker may exploit it to decompress malicious files into a target path.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en http://www.securityfocus.com/bid/95919
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: