Lucene search

[email protected]CVE-2023-25632

HistoryNov 27, 2023 - 7:15 a.m.

CVE-2023-25632

2023-11-2707:15:43

CWE-284

[email protected]

web.nvd.nist.gov

android

mobile

whale browser app

browser unlock

open in whale

cve-2023-25632

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser unlock function via ‘Open in Whale’ feature.

Affected configurations

NVD

Node

naverwhale_browserRange<3.0.1.2android

CPENameOperatorVersion
naver:whale_browsernaver whale browserlt3.0.1.2

CPE	Name	Operator	Version
naver:whale_browser	naver whale browser	lt	3.0.1.2

CNA Affected

[
  {
    "vendor": "NAVER",
    "product": "NAVER Whale browser",
    "platforms": [
      "Android"
    ],
    "versions": [
      {
        "status": "unaffected",
        "version": "3.0.1.2"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

cve.naver.com/detail/cve-2023-25632.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-25632

nvd1 prion1 cvelist1