Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-21105

Опубликовано: 15 июн. 2023
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 1%
0.00012
Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-Other
CWE-918

Связанные уязвимости

ubuntu логотип

CVE-2023-21105

CVSS3: 5.5
ubuntu
больше 2 лет назад

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568

github логотип

GHSA-wjr8-mjpf-7ch7

CVSS3: 5.5
github
больше 2 лет назад

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568

EPSS

Процентиль: 1%
0.00012
Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-Other
CWE-918