Details of VAR-201605-0333

ID

VAR-201605-0333

CVE

CVE-2016-4575

TITLE

plural Huawei Smartphone software email application cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-002947

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before UL00C00B361; CherryPlus smartphones with software TL00C00 before TL00C00B553, UL00C00 before UL00C00B553, and TL00MC01 before TL00MC01B553; and RIO smartphones with software AL00C00 before AL00C00B360 allows remote attackers to inject arbitrary web script or HTML via an email message. HuaweiPLKPLK-AL10C00B211 is a smartphone product of China Huawei. Multiple Huawei Smartphones are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Huawei PLK PLK-AL10C00B211 etc. The vulnerability is caused by the program's lack of output encoding for some specific characters. The following products and versions are affected: Huawei PLK versions prior to PLK-AL10C00B211, versions prior to PLK-AL10C92B211, versions prior to ATH ATH-AL00C00B361, versions prior to ATH-CL00C92B361, versions prior to ATH-TL00HC01B361, versions prior to ATH-UL00C00B361, CherryPlus Cherry3Plus-TL00C Previous versions, versions before CherryPlus-UL00C00B553, versions before CherryPlus-TL00MC01B553, versions before RIO RIO-AL00C00B360

Trust: 2.52

sources: NVD: CVE-2016-4575 // JVNDB: JVNDB-2016-002947 // CNVD: CNVD-2016-03203 // BID: 90307 // VULHUB: VHN-93394

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-03203

AFFECTED PRODUCTS

vendor:	huawei	model:	ath	scope:	eq	version:	cl00c92	Trust: 1.6
vendor:	huawei	model:	cherryplus	scope:	eq	version:	ul00c00	Trust: 1.6
vendor:	huawei	model:	rio	scope:	eq	version:	al00c00	Trust: 1.6
vendor:	huawei	model:	ath	scope:	eq	version:	al00c00	Trust: 1.6
vendor:	huawei	model:	cherryplus	scope:	eq	version:	tl00mc01	Trust: 1.6
vendor:	huawei	model:	cherryplus	scope:	eq	version:	tl00c00	Trust: 1.6
vendor:	huawei	model:	ath	scope:	eq	version:	ul00c00	Trust: 1.6
vendor:	huawei	model:	plk	scope:	eq	version:	al10c92	Trust: 1.6
vendor:	huawei	model:	ath	scope:	eq	version:	tl00hc01	Trust: 1.6
vendor:	huawei	model:	plk	scope:	eq	version:	al10c00	Trust: 1.6
vendor:	huawei	model:	ath	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	cherryplus	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	ath	scope:	lt	version:	cl00c92	Trust: 0.8
vendor:	huawei	model:	rio	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ath	scope:	lt	version:	ul00c00	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	eq	version:	tl00mc01b553	Trust: 0.8
vendor:	huawei	model:	plk	scope:	lt	version:	al10c00	Trust: 0.8
vendor:	huawei	model:	rio	scope:	eq	version:	al00c00b360	Trust: 0.8
vendor:	huawei	model:	ath	scope:	eq	version:	al00c00b361	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	eq	version:	tl00c00b553	Trust: 0.8
vendor:	huawei	model:	ath	scope:	eq	version:	tl00hc01b361	Trust: 0.8
vendor:	huawei	model:	plk	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ath	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ath	scope:	eq	version:	ul00c00b361	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	lt	version:	tl00mc01	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	lt	version:	tl00c00	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	rio	scope:	lt	version:	al00c00	Trust: 0.8
vendor:	huawei	model:	plk	scope:	lt	version:	al10c92	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	eq	version:	ul00c00b553	Trust: 0.8
vendor:	huawei	model:	ath	scope:	lt	version:	tl00hc01	Trust: 0.8
vendor:	huawei	model:	ath	scope:	lt	version:	al00c00	Trust: 0.8
vendor:	huawei	model:	plk	scope:	eq	version:	al10c00b211	Trust: 0.8
vendor:	huawei	model:	plk	scope:	eq	version:	al10c92b211	Trust: 0.8
vendor:	huawei	model:	ath	scope:	eq	version:	cl00c92b361	Trust: 0.8
vendor:	huawei	model:	cherryplus	scope:	lt	version:	ul00c00	Trust: 0.8
vendor:	huawei	model:	glory <plk-al10c00b211	scope:	eq	version:	7	Trust: 0.6
vendor:	huawei	model:	glory <plk-al10c92b211	scope:	eq	version:	7	Trust: 0.6
vendor:	huawei	model:	glory 7i <ath-al00c00b361	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	glory 7i <ath-cl00c92b361	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	glory 7i <ath-tl00hc01b361	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	glory 7i <ath-ul00c00b361	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	glory play <cherryplus-tl00c00b553	scope:	eq	version:	4x	Trust: 0.6
vendor:	huawei	model:	glory play <cherryplus-ul00c00b553	scope:	eq	version:	4x	Trust: 0.6
vendor:	huawei	model:	glory play <cherryplus-tl00mc01b553	scope:	eq	version:	4x	Trust: 0.6
vendor:	huawei	model:	\351\272\246\350\212\2224 <rio-al00c00b360	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-03203 // JVNDB: JVNDB-2016-002947 // CNNVD: CNNVD-201605-384 // NVD: CVE-2016-4575

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4575
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-4575
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-03203
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201605-384
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-93394
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4575
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-03203
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-93394
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4575
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-03203 // VULHUB: VHN-93394 // JVNDB: JVNDB-2016-002947 // CNNVD: CNNVD-201605-384 // NVD: CVE-2016-4575

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-93394 // JVNDB: JVNDB-2016-002947 // NVD: CVE-2016-4575

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-384

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201605-384

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002947

PATCH

title:	huawei-sa-20160507-01-emailapp	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160507-01-emailapp-en	Trust: 0.8
title:	Patches for multiple Huawei product cross-site scripting vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/75938	Trust: 0.6
title:	Multiple Huawei Fixes for product cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61700	Trust: 0.6

sources: CNVD: CNVD-2016-03203 // JVNDB: JVNDB-2016-002947 // CNNVD: CNNVD-201605-384

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4575	Trust: 3.4
db:	JVNDB	id:	JVNDB-2016-002947	Trust: 0.8
db:	CNNVD	id:	CNNVD-201605-384	Trust: 0.7
db:	CNVD	id:	CNVD-2016-03203	Trust: 0.6
db:	BID	id:	90307	Trust: 0.4
db:	VULHUB	id:	VHN-93394	Trust: 0.1

sources: CNVD: CNVD-2016-03203 // VULHUB: VHN-93394 // BID: 90307 // JVNDB: JVNDB-2016-002947 // CNNVD: CNNVD-201605-384 // NVD: CVE-2016-4575

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160507-01-emailapp-en	Trust: 1.4
url:	http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160507-01-emailapp-cn	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4575	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4575	Trust: 0.8
url:	http://www.huawei.com	Trust: 0.3

sources: CNVD: CNVD-2016-03203 // VULHUB: VHN-93394 // BID: 90307 // JVNDB: JVNDB-2016-002947 // CNNVD: CNNVD-201605-384 // NVD: CVE-2016-4575

CREDITS

dark clouds

Trust: 0.6

sources: CNNVD: CNNVD-201605-384

SOURCES

db:	CNVD	id:	CNVD-2016-03203
db:	VULHUB	id:	VHN-93394
db:	BID	id:	90307
db:	JVNDB	id:	JVNDB-2016-002947
db:	CNNVD	id:	CNNVD-201605-384
db:	NVD	id:	CVE-2016-4575

LAST UPDATE DATE

2025-04-13T23:41:18.155000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-03203	date:	2016-05-17T00:00:00
db:	VULHUB	id:	VHN-93394	date:	2016-05-26T00:00:00
db:	BID	id:	90307	date:	2016-07-06T14:41:00
db:	JVNDB	id:	JVNDB-2016-002947	date:	2016-05-30T00:00:00
db:	CNNVD	id:	CNNVD-201605-384	date:	2016-05-26T00:00:00
db:	NVD	id:	CVE-2016-4575	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-03203	date:	2016-05-17T00:00:00
db:	VULHUB	id:	VHN-93394	date:	2016-05-25T00:00:00
db:	BID	id:	90307	date:	2016-05-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-002947	date:	2016-05-30T00:00:00
db:	CNNVD	id:	CNNVD-201605-384	date:	2016-05-13T00:00:00
db:	NVD	id:	CVE-2016-4575	date:	2016-05-25T15:59:06.300