exploitDog

GHSA-hp3q-rgpx-37wq

Опубликовано: 07 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

Ссылки

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

CWE-668

Связанные уязвимости

CVE-2022-39866

CVSS3: 4

nvd

больше 3 лет назад

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

CWE-668