How severe is CVE-2015-9213?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2015-9213?

This is classified as CWE-17, which is a common weakness in software security.

CVE-2015-9213 - HIGH Severity | CVSS 7.5

Vulnerability Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, the DIAG-EFS command EFS2_DIAG_DELTREE, which is handled by the function fs_diag_deltree_handler(), is used to delete files and directories only inside the /public folder.

Related Vulnerabilities

CVE-2015-5229

HIGH

CVSS:7.5(High)

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of se...

CWE-172015

CVE-2015-8027

HIGH

CVSS:7.5(High)

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (unca...

CWE-172015

CVE-2015-8547

HIGH

CVSS:7.5(High)

The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query...

CWE-172015

CVE-2015-7410

HIGH

CVSS:7.4(High)

The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or m...

CWE-172015

CVE-2014-9426

HIGH

CVSS:7.3(High)

The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attacker...

CWE-172014

CVE-2016-10075

HIGH

CVSS:7.8(High)

The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.

CWE-172016