{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T10:34:25.355","vulnerabilities":[{"cve":{"id":"CVE-2017-2706","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:00.803","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service."},{"lang":"es","value":"Los smartphones Mate 9 con software MHA-AL00AC00B125 tienen una vulnerabilidad de salto de directorio en el módulo Push. Debido a que el sistema no verifica el nombre de archivo durante la descompresión, los directorios del sistema se saltan. Esto podría explotarse para provocar que el atacante remplace archivos y afecte al servicio."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"mha-al00ac00b125","matchCriteriaId":"08FFF678-6E91-419D-8F9D-505C56453542"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*","matchCriteriaId":"93FB7D8B-A819-4CBB-85D1-D3984D963351"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170712-01-push-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170712-01-push-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}