Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining the Internet access permission. Successful exploit could lead to resource occupation or information leak.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: huawei
Published: 2017-11-22T19:00:00Z
Updated: 2024-09-17T01:27:00.762Z
Reserved: 2017-04-25T00:00:00
Link: CVE-2017-8153
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-11-22T19:29:03.477
Modified: 2017-12-12T16:23:21.487
Link: CVE-2017-8153
Redhat
No data.