Back

CVE-2024-3757

May 7, 2024, 1:39 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

OpenHarmony

  • 4.0.0 and prior

OpenHarmony

  • 4.0.0
  • prior to 4.0.0

Source

scy@openharmony.io

Tags

CWE-190
2024-05-07
scy@openharmony.io
CVE-2024-3757

CVE-2024-3757 details

Published : May 7, 2024, 7:15 a.m.
Last Modified : May 7, 2024, 1:39 p.m.

Description

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.

CVSS Score

1 2 3.3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

Base Score

3.3

Exploitability Score

Impact Score

Base Severity

LOW

Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References

URL Source
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md scy@openharmony.io
This website uses the NVD API, but is not approved or certified by it.