Описание
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-122652057
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00868
Низкий
6.5 Medium
CVSS3
7.1 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-122652057
EPSS
Процентиль: 75%
0.00868
Низкий
6.5 Medium
CVSS3
7.1 High
CVSS2
Дефекты
NVD-CWE-noinfo