CVE-2017-17145

Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication.

Published: Mar 9, 2018
Updated: Apr 13, 2023
CVE: CVE-2017-17145
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.6
AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
huawei / honor_v9_play_firmware	-	jimmy-al00ac00b135

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-en

Vulnerability Database

289,784

CVE-2017-17145