ID CVE-2019-20772Type cveReporter cve@mitre.orgModified 2020-04-23T19:17:00
Description
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019).
{"id": "CVE-2019-20772", "bulletinFamily": "NVD", "title": "CVE-2019-20772", "description": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019).", "published": "2020-04-17T14:15:00", "modified": "2020-04-23T19:17:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20772", "reporter": "cve@mitre.org", "references": ["https://lgsecurity.lge.com/"], "cvelist": ["CVE-2019-20772"], "type": "cve", "lastseen": "2020-10-03T13:38:51", "edition": 4, "viewCount": 6, "enchantments": {"dependencies": {"references": [], "modified": "2020-10-03T13:38:51", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2020-10-03T13:38:51", "rev": 2}, "vulnersScore": 4.5}, "cpe": ["cpe:/o:google:android:9.0", "cpe:/o:google:android:8.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:8.1", "cpe:/o:google:android:7.1", "cpe:/o:google:android:7.2"], "affectedSoftware": [{"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "7.1"}, {"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "9.0"}, {"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "7.0"}, {"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "8.1"}, {"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "8.0"}, {"cpeName": "google:android", "name": "google android", "operator": "eq", "version": "7.2"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*"], "cwe": ["CWE-863"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}
{}
