Directory Traversal Vulnerability in Huawei Smartphone Email Application
CVE-2017-2695

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Tit-al00
Vendor: CVE Published:; 15 November 2017

What is CVE-2017-2695?

The Huawei TIT-AL00C583B211 smartphone contains a directory traversal vulnerability that enables attackers to access sensitive files within the email application. This exploitation can potentially lead to unauthorized access to confidential information, compromising user data security. It highlights the importance of securing applications to prevent vulnerabilities that allow unauthorized file access.

Affected Version(s)

TIT-AL00 TIT-AL00C583B211

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2017
Vulnerability Reserved
Dec 1, 2016

McAfee

What is CVE-2017-2695?

Affected Version(s)

References

CVSS V3.1

Timeline