exploitDog

CVE-2023-21103

Опубликовано: 15 мая 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622

Ссылки

https://source.android.com/security/bulletin/2023-05-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/2023-05-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-209

Связанные уязвимости

GHSA-7p8r-xg5m-xgx8

CVSS3: 5.5

github

больше 2 лет назад

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622

EPSS

Процентиль: 8%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-209