Lucene search

[email protected]NVD:CVE-2023-21464

HistoryMar 16, 2023 - 9:15 p.m.

CVE-2023-21464

2023-03-1621:15:12

CWE-281

[email protected]

web.nvd.nist.gov

samsung calendar

access control

android 13

android 12

local attacker

improper status

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.

Affected configurations

NVD

Node

samsungcalendarRange<12.4.02.9000

AND

googleandroidMatch13.0

Node

samsungcalendarRange<12.3.08.2000

AND

googleandroidMatch12.0

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=03

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-21464

prion1 cvelist1 cve1