CVE-2018-9067 Vulnerability Details

  /     /     /  

CVE-2018-9067 Metadata Quick Info

CVE Published: 13/07/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: lenovo | Vendor: Lenovo Group Ltd. | Product: Lenovo Help Android application
Status : PUBLISHED

---

CVE-2018-9067 Description

The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Exposure and modification of private app data
Source: Lenovo Group Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).