CVE-2019-15843

MEDIUM

Description

A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.

References

https://sec.xiaomi.com/post/152

Details

Source: MITRE

Published: 2019-09-18

Updated: 2019-09-20

Type: CWE-434

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM