Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-m8xj-8969-xvhx

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

Ссылки

EPSS

Процентиль: 92%
0.07641
Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-25374

Дефекты

CWE-863

Связанные уязвимости

nvd логотип

CVE-2021-25374

CVSS3: 8.6
nvd
почти 5 лет назад

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

EPSS

Процентиль: 92%
0.07641
Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-25374

Дефекты

CWE-863