Lucene search

[email protected]NVD:CVE-2020-0943

HistoryApr 15, 2020 - 3:15 p.m.

CVE-2020-0943

2020-04-1515:15:16

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

30.1%

JSON

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka ‘Microsoft YourPhone Application for Android Authentication Bypass Vulnerability’.

Affected configurations

Nvd

Node

microsoftyour_phone_companionMatch-android

VendorProductVersionCPE
microsoftyour_phone_companion-cpe:2.3:a:microsoft:your_phone_companion:-:*:*:*:*:android:*:*

Vendor	Product	Version	CPE
microsoft	your_phone_companion	-	cpe:2.3:a:microsoft:your_phone_companion:-:::::android::

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0943

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

30.1%

JSON

Related for NVD:CVE-2020-0943

prion1 cve1 cvelist1 mscve1 kaspersky1 avleonov1