Lucene search

[email protected]CVE-2023-29745

HistoryMay 31, 2023 - 12:15 a.m.

CVE-2023-29745

2023-05-3100:15:10

[email protected]

web.nvd.nist.gov

cve-2023-29745

bestweather

android

denial of service

unauthorized apps

nvd

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent denial of service attack by manipulating the database.

Affected configurations

NVD

Node

bestweather_projectbestweatherMatch7.3.1android

CPENameOperatorVersion
bestweather_project:bestweatherbestweather project bestweathereq7.3.1

CPE	Name	Operator	Version
bestweather_project:bestweather	bestweather project bestweather	eq	7.3.1

References

www.zmtqsh.com/

github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29745/CVE%20detail.md

play.google.com/store/apps/details?id=com.icoolme.android.weather

play.google.com/store/apps/details?id=com.TheThaiger.android

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

Related for CVE-2023-29745

prion1 cvelist1 nvd1