exploitDog

CVE-2024-1608

Опубликовано: 20 фев. 2024

Источник: nvd

CVSS3: 9.1

CVSS3: 7.5

EPSS Низкий

Описание

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction.

Ссылки

https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1759867611954552832
Vendor Advisory
https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1759867611954552832
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oppo:usercenter_credit_software_development_kit:-:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

9.1 Critical

CVSS3

7.5 High

CVSS3

Дефекты

CWE-280

Связанные уязвимости

GHSA-pwq2-c6f6-f36f

CVSS3: 9.1

github

почти 2 года назад

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction.

EPSS

Процентиль: 47%

0.0024

Низкий

9.1 Critical

CVSS3

7.5 High

CVSS3

Дефекты

CWE-280