{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T15:58:01.990","vulnerabilities":[{"cve":{"id":"CVE-2017-2694","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:00.397","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experience."},{"lang":"es","value":"El componente AlarmService en HwVmall con software en versiones anteriores a la 1.5.2.0 no tiene control sobre los permisos de llamada, permitiendo que cualquier tercero llame. Un atacante podría construir una aplicación maliciosa para llamarla. Consecuentemente, sonará de repente una música de alerta, comprometiendo la experiencia de usuario."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-275"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:vmall:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.2.0","matchCriteriaId":"13DBABD6-A494-46B0-8A6D-07747DE2F385"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-vmall-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95915","source":"psirt@huawei.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-vmall-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95915","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}