CVE-2024-57957
06.02.2025, 13:15
Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.Enginsight
| Vendor | Product | Version |
|---|---|---|
| huawei | harmonyos | 5.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-657 - Violation of Secure Design PrinciplesThe product violates well-established principles for secure design.
- CWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.