Vmall
Monthly
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.