CVE-2022-39915

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

History

21 Nov 2024, 07:18

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 3.3
References () https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 - Vendor Advisory () https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 - Vendor Advisory
Summary
  • (es) Una vulnerabilidad de control de acceso inadecuado en Calendar anterior a las versiones 11.6.08.0 en Android Q(10), 12.2.11.3000 en Android R(11), 12.3.07.2000 en Android S(12) y 12.4.02.0 en Android T(13) permite los atacantes accedan a información confidencial mediante una intención implícita.

Information

Published : 2022-12-08 16:15

Updated : 2024-11-21 07:18


NVD link : CVE-2022-39915

Mitre link : CVE-2022-39915

CVE.ORG link : CVE-2022-39915


JSON object : View

Products Affected

samsung

  • calendar

google

  • android
CWE
CWE-284

Improper Access Control

NVD-CWE-Other