Security Advisory - XSS Vulnerability in the Email App of Huawei Smartphone
- SA No:huawei-sa-20160507-01-emailapp
- Initial Release Date: May 07, 2016
- Last Release Date: May 12, 2016
There is a vulnerability due to the lack of output encoding for some particular characters in the email APP built in the affected Smart Phones. A successful exploitation of the vulnerability could allow an unauthenticated remote attacker to perform a cross-site scripting (XSS) attack and lead to obtain the user information. (Vulnerability ID: HWPSIRT-2016-03030)
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-4575.
Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160507-01-emailapp-en
|
Product Name |
Affected Version |
Resolved Product and Version |
|
PLK |
Versions earlier than PLK-AL10C00B211 |
PLK-AL10C00B211 |
|
Versions earlier than PLK-AL10C92B211 |
PLK-AL10C92B211 |
|
|
ATH |
Versions earlier than ATH-AL00C00B361 |
ATH-AL00C00B361[1] |
|
Versions earlier than ATH-CL00C92B361 |
ATH-CL00C92B361[1] |
|
|
Versions earlier than ATH-TL00HC01B361 |
ATH-TL00HC01B361[1] |
|
|
Versions earlier than ATH-UL00C00B361 |
ATH-UL00C00B361[1] |
|
|
CherryPlus |
Versions earlier than CherryPlus-TL00C00B553 |
CherryPlus-TL00C00B553[1] |
|
Versions earlier than CherryPlus-UL00C00B553 |
CherryPlus-UL00C00B553[1] |
|
|
Versions earlier than CherryPlus-TL00MC01B553 |
CherryPlus-TL00MC01B553[1] |
|
|
RIO |
Versions earlier than RIO-AL00C00B360 |
RIO-AL00C00B360[1] |
[1] The product user who submits the upgrade application in the phone service application will receive a system update prompt, install the update can fix the vulnerability.
An attacker can exploit this vulnerability to obtain the user information after further attacks.
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Temporal Score: 3.6 (E:F/RL:O/RC:C)
1. Prerequisite:
The attackers has successfully tricked the users into open the constructed email message.
2. Attacking procedure:
An attacker could exploit this vulnerability by sending the users an email message injecting malicious script. A successful exploitation could allow the attacker to perform a cross-site scripting (XSS) attack and lead to obtain the user information.
Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities/index.htm
This vulnerability was reported to Huawei PSIRT by Wooyun website. Huawei would like to thank Wooyun website for working with us and coordinated vulnerability disclosure to protect our customers.
2016-05-12 V1.2 UPDATED Add CVE-ID
2016-05-09 V1.1 UPDATED Update the affected product list and fixed version
2016-05-07 V1.0 INITIAL
None
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
