CVE-2014-2271 - OpenCVE

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Huawei	P2-6011 P2-6011 Firmware
Wps	Wps Office

Configuration 1 [-]

cpe:2.3:a:wps:wps_office:5.3.1:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:p2-6011_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:p2-6011:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm
http://www.securityfocus.com/bid/71381
https://exchange.xforce.ibmcloud.com/vulnerabilities/99089
https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/
https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-14T16:07:43

Updated: 2024-08-06T10:06:00.281Z

Reserved: 2014-03-04T00:00:00

Link: CVE-2014-2271

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-01-14T17:15:11.847

Modified: 2020-01-21T16:48:39.257

Link: CVE-2014-2271

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-14T16:07:43", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/bid/71381"}, {"tags": ["x_refsource_MISC"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99089"}, {"tags": ["x_refsource_MISC"], "url": "https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/"}, {"tags": ["x_refsource_MISC"], "url": "https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2271", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm", "refsource": "MISC", "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm"}, {"name": "http://www.securityfocus.com/bid/71381", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/71381"}, {"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99089", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99089"}, {"name": "https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/", "refsource": "MISC", "url": "https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/"}, {"name": "https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf", "refsource": "MISC", "url": "https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:06:00.281Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/bid/71381"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99089"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2271", "datePublished": "2020-01-14T16:07:43", "dateReserved": "2014-03-04T00:00:00", "dateUpdated": "2024-08-06T10:06:00.281Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wps:wps_office:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BAA5318-C816-4437-B510-97F3C03985BD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p2-6011_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D29977CB-BD90-4F95-8F2E-FFFE6AD0E1A5", "versionEndExcluding": "v100r001c00b043", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p2-6011:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FC6D0CD-2D7D-4FC8-AE9F-51765712C7DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic."}, {"lang": "es", "value": "cn.wps.moffice.common.beans.print.CloudPrintWebView en Kingsoft Office versi\u00f3n 5.3.1, como es usado en los dispositivos Huawei P2 versiones anteriores a V100R001C00B043, vuelve a HTTP cuando la conexi\u00f3n HTTPS presenta un fallo en el registro, lo que permite a atacantes de tipo man-in-the-middle dirigir ataques de degradaci\u00f3n y ejecutar c\u00f3digo Java arbitrario mediante el aprovechamiento de una posici\u00f3n de red entre el cliente y el registro para bloquear el tr\u00e1fico HTTPS."}], "id": "CVE-2014-2271", "lastModified": "2020-01-21T16:48:39.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-14T17:15:11.847", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71381"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99089"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}