Sign-up

ID

VAR-202001-0509


CVE

CVE-2019-19441


TITLE

Huawei P30 Information Disclosure Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-02947 // CNNVD: CNNVD-202001-044

DESCRIPTION

HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak. Huawei P30 Smartphones contain information disclosure vulnerabilities.Information may be obtained. The Huawei P30 is a smartphone from China's Huawei

Trust: 2.16

sources: NVD: CVE-2019-19441 // JVNDB: JVNDB-2020-001011 // CNVD: CNVD-2020-02947

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-02947

AFFECTED PRODUCTS

vendor:huaweimodel:p30scope:eqversion: -

Trust: 1.2

vendor:huaweimodel:p30scope:ltversion:10.0.0.166\(c00e66r1p11\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.0.0.166(c00e66r1p11)

Trust: 0.8

vendor:huaweimodel:p30 <10.0.0.166scope: - version: -

Trust: 0.6

vendor:huaweimodel:p30scope:eqversion:9.1.0.193c00e190r2p1

Trust: 0.6

vendor:huaweimodel:p30scope:eqversion:9.1.0.226c00e220r2p1

Trust: 0.6

sources: CNVD: CNVD-2020-02947 // JVNDB: JVNDB-2020-001011 // CNNVD: CNNVD-202001-044 // NVD: CVE-2019-19441

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-19441
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-19441
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-02947
value: LOW

Trust: 0.6

CNNVD: CNNVD-202001-044
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-19441
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-02947
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-19441
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-19441
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-02947 // JVNDB: JVNDB-2020-001011 // CNNVD: CNNVD-202001-044 // NVD: CVE-2019-19441

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-200

Trust: 0.8

sources: JVNDB: JVNDB-2020-001011 // NVD: CVE-2019-19441

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202001-044

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202001-044

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-001011

PATCH
title:huawei-sa-20200102-02-smartphoneurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-02-smartphone-en
Trust: 0.8
title:Patch for Huawei P30 Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/197033
Trust: 0.6
title:Huawei P30 Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106187
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-02947 // 
            
            
            
            JVNDB: JVNDB-2020-001011 // 
            
            
            
            CNNVD: CNNVD-202001-044

EXTERNAL IDS
db:NVDid:CVE-2019-19441
Trust: 3.0
db:JVNDBid:JVNDB-2020-001011
Trust: 0.8
db:CNVDid:CNVD-2020-02947
Trust: 0.6
db:CNNVDid:CNNVD-202001-044
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-02947 // 
            
            
            
            JVNDB: JVNDB-2020-001011 // 
            
            
            
            CNNVD: CNNVD-202001-044 // 
            
            
            
            NVD: CVE-2019-19441

REFERENCES
url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-02-smartphone-en
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-19441
Trust: 1.4
url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200102-02-smartphone-cn
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19441
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-02947 // 
            
            
            
            JVNDB: JVNDB-2020-001011 // 
            
            
            
            CNNVD: CNNVD-202001-044 // 
            
            
            
            NVD: CVE-2019-19441

CREDITS
Huawei
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202001-044

SOURCES
db:CNVDid:CNVD-2020-02947
db:JVNDBid:JVNDB-2020-001011
db:CNNVDid:CNNVD-202001-044
db:NVDid:CVE-2019-19441

LAST UPDATE DATE
2024-11-23T22:37:34.321000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-02947date:2020-01-21T00:00:00
db:JVNDBid:JVNDB-2020-001011date:2020-01-17T00:00:00
db:CNNVDid:CNNVD-202001-044date:2020-01-08T00:00:00
db:NVDid:CVE-2019-19441date:2024-11-21T04:34:44.910

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-02947date:2020-01-20T00:00:00
db:JVNDBid:JVNDB-2020-001011date:2020-01-17T00:00:00
db:CNNVDid:CNNVD-202001-044date:2020-01-02T00:00:00
db:NVDid:CVE-2019-19441date:2020-01-03T15:15:11.930