exploitDog

GHSA-chq4-r76r-rh84

Опубликовано: 07 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

Ссылки

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

CWE-668

Связанные уязвимости

CVE-2022-39867

CVSS3: 4

nvd

больше 3 лет назад

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

CWE-668