CVE-2022-23255

Опубликовано: 08 фев. 2022

Источник: msrc

CVSS3: 5.9

EPSS Низкий

Описание

Microsoft OneDrive for Android Security Feature Bypass Vulnerability

FAQ

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker needs access to an unlocked mobile device to exploit the vulnerability.

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

The authentication to access OneDrive files could potentially be bypassed. Microsoft recommends installing the update for this vulnerability as soon as possible.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 35%

0.00143

Низкий

5.9 Medium

CVSS3

Связанные уязвимости

CVE-2022-23255

CVSS3: 5.9

nvd

почти 4 года назад

Microsoft OneDrive for Android Security Feature Bypass Vulnerability

GHSA-phcp-hchw-q7wq

CVSS3: 5.9

github

почти 4 года назад

Microsoft OneDrive for Android Security Feature Bypass Vulnerability.

BDU:2022-00927

CVSS3: 5.9

fstec

почти 4 года назад

Уязвимость службы размещения файлов OneDrive for Android, связанная с неправильной авторизацией, позволяющая нарушителю получить доступ к защищаемой информации

EPSS

Процентиль: 35%

0.00143

Низкий

5.9 Medium

CVSS3