Sign-up

ID

VAR-202209-0431


CVE

CVE-2022-38995


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-016784

DESCRIPTION

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-38995 // JVNDB: JVNDB-2022-016784 // VULHUB: VHN-434767

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.1

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016784 // NVD: CVE-2022-38995

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-38995
value: HIGH

Trust: 1.0

NVD: CVE-2022-38995
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202209-175
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-38995
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-38995
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016784 // CNNVD: CNNVD-202209-175 // NVD: CVE-2022-38995

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-016784 // NVD: CVE-2022-38995

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-175

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-175

PATCH

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=208082

Trust: 0.6

sources: CNNVD: CNNVD-202209-175

EXTERNAL IDS

db:NVDid:CVE-2022-38995

Trust: 3.3

db:JVNDBid:JVNDB-2022-016784

Trust: 0.8

db:CNNVDid:CNNVD-202209-175

Trust: 0.6

db:VULHUBid:VHN-434767

Trust: 0.1

sources: VULHUB: VHN-434767 // JVNDB: JVNDB-2022-016784 // CNNVD: CNNVD-202209-175 // NVD: CVE-2022-38995

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/9/

Trust: 2.5

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-38995

Trust: 1.4

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-38995/

Trust: 0.6

sources: VULHUB: VHN-434767 // JVNDB: JVNDB-2022-016784 // CNNVD: CNNVD-202209-175 // NVD: CVE-2022-38995

SOURCES

db:VULHUBid:VHN-434767
db:JVNDBid:JVNDB-2022-016784
db:CNNVDid:CNNVD-202209-175
db:NVDid:CVE-2022-38995

LAST UPDATE DATE

2024-08-14T15:37:26.904000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-434767date:2022-09-17T00:00:00
db:JVNDBid:JVNDB-2022-016784date:2023-10-06T08:09:00
db:CNNVDid:CNNVD-202209-175date:2022-09-20T00:00:00
db:NVDid:CVE-2022-38995date:2022-09-17T03:12:10.783

SOURCES RELEASE DATE

db:VULHUBid:VHN-434767date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2022-016784date:2023-10-06T00:00:00
db:CNNVDid:CNNVD-202209-175date:2022-09-05T00:00:00
db:NVDid:CVE-2022-38995date:2022-09-16T18:15:17.743