Lucene search

Samsung MobileCVELIST:CVE-2022-36867

HistorySep 09, 2022 - 2:40 p.m.

CVE-2022-36867

2022-09-0914:40:04

CWE-284

Samsung Mobile

www.cve.org

access control vulnerability

editor lite

sensitive information access

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

5.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.

CNA Affected

[
  {
    "product": "Editor Lite",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "4.0.40.14",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2022&month=09

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

5.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-36867