Lucene search

Samsung MobileCVELIST:CVE-2023-30703

HistoryAug 10, 2023 - 1:18 a.m.

CVE-2023-30703

2023-08-1001:18:50

Samsung Mobile

www.cve.org

samsung members

url validation

unauthorized access

sensitive information

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

24.8%

JSON

Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Members",
    "versions": [
      {
        "status": "unaffected",
        "version": "14.0.07.1"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

24.8%

JSON

Related for CVELIST:CVE-2023-30703