exploitDog

CVE-2020-6869

Опубликовано: 17 июн. 2020

Источник: nvd

CVSS3: 8.1

CVSS2: 5.5

EPSS Низкий

Описание

All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation.

Ссылки

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013022
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013022
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zte:ztemarket_apk:*:*:*:*:*:*:*:*

Версия до 10.06 (включая)

EPSS

Процентиль: 54%

0.00317

Низкий

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-pjq3-8j3p-rqxw

github

больше 3 лет назад

All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation.

EPSS

Процентиль: 54%

0.00317

Низкий

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo