CVE-2022-39877

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:samsung:group_sharing:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:samsung:group_sharing:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 07:18

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : 4.0
References () https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 - Vendor Advisory () https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 - Vendor Advisory

27 Jun 2023, 16:25

Type Values Removed Values Added
CWE CWE-269 NVD-CWE-Other

09 Oct 2022, 02:21

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-07 15:15

Updated : 2024-11-21 07:18


NVD link : CVE-2022-39877

Mitre link : CVE-2022-39877

CVE.ORG link : CVE-2022-39877


JSON object : View

Products Affected

google

  • android

samsung

  • group_sharing
CWE
CWE-284

Improper Access Control

NVD-CWE-Other