exploitDog

CVE-2023-21298

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

https://source.android.com/docs/security/bulletin/android-14
Vendor Advisory
https://source.android.com/docs/security/bulletin/android-14
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

EPSS

Процентиль: 3%

0.00016

Низкий

7.8 High

CVSS3

Дефекты

CWE-203

CWE-203

Связанные уязвимости

GHSA-g245-8p5f-gjmm

CVSS3: 7.8

github

больше 2 лет назад

In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

EPSS

Процентиль: 3%

0.00016

Низкий

7.8 High

CVSS3

Дефекты

CWE-203

CWE-203