exploitDog

GHSA-7xcr-6p4f-q66v

Опубликовано: 10 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 2.4

Описание

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.

Ссылки

EPSS

Процентиль: 24%

0.0008

Низкий

2.4 Low

CVSS3

CVE ID

Дефекты

CWE-285

CWE-863

Связанные уязвимости

CVE-2022-36876

CVSS3: 1.8

nvd

больше 3 лет назад

Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.

EPSS

Процентиль: 24%

0.0008

Низкий

2.4 Low

CVSS3

CVE ID

Дефекты

CWE-285

CWE-863