Sign-up

ID

VAR-202209-0256


CVE

CVE-2022-38996


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-016783

DESCRIPTION

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS, which is caused by a configuration flaw

Trust: 1.71

sources: NVD: CVE-2022-38996 // JVNDB: JVNDB-2022-016783 // VULHUB: VHN-428513

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.1

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016783 // NVD: CVE-2022-38996

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-38996
value: HIGH

Trust: 1.0

NVD: CVE-2022-38996
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202209-179
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-38996
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-38996
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016783 // CNNVD: CNNVD-202209-179 // NVD: CVE-2022-38996

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-016783 // NVD: CVE-2022-38996

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-179

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-179

PATCH

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=208084

Trust: 0.6

sources: CNNVD: CNNVD-202209-179

EXTERNAL IDS

db:NVDid:CVE-2022-38996

Trust: 3.3

db:JVNDBid:JVNDB-2022-016783

Trust: 0.8

db:CNNVDid:CNNVD-202209-179

Trust: 0.7

db:VULHUBid:VHN-428513

Trust: 0.1

sources: VULHUB: VHN-428513 // JVNDB: JVNDB-2022-016783 // CNNVD: CNNVD-202209-179 // NVD: CVE-2022-38996

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/9/

Trust: 2.5

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-38996

Trust: 0.8

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-38996/

Trust: 0.6

sources: VULHUB: VHN-428513 // JVNDB: JVNDB-2022-016783 // CNNVD: CNNVD-202209-179 // NVD: CVE-2022-38996

SOURCES

db:VULHUBid:VHN-428513
db:JVNDBid:JVNDB-2022-016783
db:CNNVDid:CNNVD-202209-179
db:NVDid:CVE-2022-38996

LAST UPDATE DATE

2024-08-14T14:17:43.639000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-428513date:2022-09-17T00:00:00
db:JVNDBid:JVNDB-2022-016783date:2023-10-06T08:09:00
db:CNNVDid:CNNVD-202209-179date:2022-09-19T00:00:00
db:NVDid:CVE-2022-38996date:2022-09-17T03:46:47.113

SOURCES RELEASE DATE

db:VULHUBid:VHN-428513date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2022-016783date:2023-10-06T00:00:00
db:CNNVDid:CNNVD-202209-179date:2022-09-05T00:00:00
db:NVDid:CVE-2022-38996date:2022-09-16T18:15:17.780