OpenHarmony-v3.1.4 and prior versions had an vulnerability. PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks.
References
Link | Resource |
---|---|
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: OpenHarmony
Published: 2022-12-08T00:00:00
Updated: 2022-12-12T09:47:38.527824Z
Reserved: 2022-11-24T00:00:00
Link: CVE-2022-45877
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-08T16:15:14.787
Modified: 2023-07-07T19:02:46.420
Link: CVE-2022-45877
JSON object: View
Redhat Information
No data.