exploitDog

CVE-2020-14126

Опубликовано: 22 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Ссылки

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=278
Vendor Advisory
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=278
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mi:sound:*:*:*:*:*:*:*:*

Версия до 2.2.40 (включая)

EPSS

Процентиль: 55%

0.00322

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-g6xq-m49w-3jq9

CVSS3: 7.5

github

больше 3 лет назад

Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

EPSS

Процентиль: 55%

0.00322

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo