Lucene search

[email protected]CVE-2023-30723

HistorySep 06, 2023 - 4:15 a.m.

CVE-2023-30723

2023-09-0604:15:15

[email protected]

web.nvd.nist.gov

cve-2023-30723

improper input validation

samsung health

file write vulnerability

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.0%

JSON

Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.

Affected configurations

NVD

Node

samsunghealthRange<6.24.2.011

CPENameOperatorVersion
samsung:healthsamsung healthlt6.24.2.011

CPE	Name	Operator	Version
samsung:health	samsung health	lt	6.24.2.011

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Health",
    "versions": [
      {
        "status": "unaffected",
        "version": "6.24.2.011"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.0%

JSON

Related for CVE-2023-30723

cvelist1 nvd1 prion1