CVE-2017-2723
MEDIUMHuawei Files < 7.1.1.308 - Cleartext Storage of Sensitive Information
Title source: llmDescription
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-files-en
Scores
CVSS v3
6.7
EPSS
0.0001
EPSS Percentile
1.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-312
Status
published
Products (2)
huawei/files
< 7.1.1.308
Huawei Technologies Co., Ltd./Files
7.1.1.308 and earlier versions
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026