CVE-2017-2693

CVSS V2 Medium 6.8 CVSS V3 High 7.8
Description
ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a path traversal vulnerability. An attacker may exploit it to decompress malicious files into a target path.
Overview
  • CVE ID
  • CVE-2017-2693
  • Assigner
  • psirt@huawei.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2017-11-22T19:29:00
  • Last Modified Date
  • 2017-12-07T18:58:08
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l02c635b140
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l02c636b140
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l21c10b150
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l21c185b200
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l21c432b214
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l21c464b150
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l21c636b200
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-l23c605b190
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-tl00c01b250
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* 1 OR ale-ul00c00b250.
cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_7_firmware:*:*:*:*:*:*:*:* 1 OR mt7-l09c605b325
cpe:2.3:h:huawei:mate_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_7_firmware:*:*:*:*:*:*:*:* 1 OR mt7-l09c900b339
cpe:2.3:h:huawei:mate_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_7_firmware:*:*:*:*:*:*:*:* 1 OR mt7-tl10c900b339
cpe:2.3:h:huawei:mate_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:* 1 OR crr-cl00c92b172
cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:* 1 OR crr-l09c432b180
cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:* 1 OR crr-tl00c01b172
cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:* 1 OR crr-ul00c00b172
cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:* 1 OR crr-ul20c432b171
cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-cl00c92b230
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-l09c432b222
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-tl00c01b230sp01
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-ul00c00b230
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-ul00c10b201
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* 1 OR gra-ul00c432b220
cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_6_firmware:*:*:*:*:*:*:*:* 1 OR h60-l04c10b523
cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_6_firmware:*:*:*:*:*:*:*:* 1 OR h60-l04c185b523
cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_6_firmware:*:*:*:*:*:*:*:* 1 OR h60-l04c636b527
cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_6_firmware:*:*:*:*:*:*:*:* 1 OR h60-l04c900b530
cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-al10c00b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-al10c92b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-cl00c92b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-l01c10b140
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-l01c10b140
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-l01c432b187
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-l01c432b190
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-l01c636b130
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-tl00c01b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-tl01hc01b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:* 1 OR plk-ul00c17b220
cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-al00c92b200
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-cl00c92b210
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-tl00c01b210
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-tl00hc01b210
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-ul00c00b210
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR rio-al00c00b220
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:shotx_firmware:*:*:*:*:*:*:*:* 1 OR ath-al00c00b210
cpe:2.3:h:huawei:shotx:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:g8_firmware:*:*:*:*:*:*:*:* 1 OR rio-al00c00b220
cpe:2.3:h:huawei:g8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:g8_firmware:*:*:*:*:*:*:*:* 1 OR rio-cl00c92b220
cpe:2.3:h:huawei:g8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:g8_firmware:*:*:*:*:*:*:*:* 1 OR rio-tl00c01b220
cpe:2.3:h:huawei:g8:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:g8_firmware:*:*:*:*:*:*:*:* 1 OR rio-ul00c00b220
cpe:2.3:h:huawei:g8:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 6.8
  • Severity
  • MEDIUM
  • Exploitability Score
  • 8.6
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.0
  • Vector String
  • CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • REQUIRED
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 7.8
  • Base Severity
  • HIGH
  • Exploitability Score
  • 1.8
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en Issue Tracking Vendor Advisory
http://www.securityfocus.com/bid/95919 Third Party Advisory VDB Entry
History
Created Old Value New Value Data Type Notes
2022-05-10 08:09:40 Added to TrackCVE
2022-12-02 23:19:24 2017-11-22T19:29Z 2017-11-22T19:29:00 CVE Published Date updated
2022-12-02 23:19:24 2017-12-07T18:58:08 CVE Modified Date updated
2022-12-02 23:19:24 Analyzed Vulnerability Status updated