Lucene search

[email protected]NVD:CVE-2023-42556

HistoryDec 05, 2023 - 3:15 a.m.

CVE-2023-42556

2023-12-0503:15:15

[email protected]

web.nvd.nist.gov

contacts security vulnerability

smr dec-2023

sensitive information disclosure

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

20.7%

JSON

Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.

Affected configurations

NVD

Node

samsungandroidRange11.0–14.0

samsungandroidMatch14.0-

samsungandroidMatch14.0smr-apr-2023-r1

samsungandroidMatch14.0smr-aug-2023-r1

samsungandroidMatch14.0smr-dec-2022-r1

samsungandroidMatch14.0smr-feb-2023-r1

samsungandroidMatch14.0smr-jan-2023-r1

samsungandroidMatch14.0smr-jul-2023-r1

samsungandroidMatch14.0smr-jun-2023-r1

samsungandroidMatch14.0smr-mar-2023-r1

samsungandroidMatch14.0smr-may-2023-r1

samsungandroidMatch14.0smr-nov-2022-r1

samsungandroidMatch14.0smr-nov-2023-r1

samsungandroidMatch14.0smr-oct-2022-r1

samsungandroidMatch14.0smr-oct-2023-r1

samsungandroidMatch14.0smr-sep-2023-r1

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

20.7%

JSON

Related for NVD:CVE-2023-42556

cvelist1 prion1 cve1