Lucene search
GoogleCVELIST:CVE-2024-38272HistoryJun 26, 2024 - 3:19 p.m.
CVE-2024-38272 Auth Bypass in Quick Share
2024-06-2615:19:31
CWE-294
Google
www.cve.org
4
cve-2024-38272
auth bypass
quickshare
quickshare windows
vulnerability
upgrade
version 1.0.1724.0
CVSS4
7.1
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:L/SA:L
EPSS
0
Percentile
13.4%
There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows.Β Normally in Quick Share Windows app we canβt send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode.Β We recommend upgrading to version 1.0.1724.0 of Quick Share or above
CNA Affected
[
{
"collectionURL": "https://github.com/google/nearby",
"defaultStatus": "unaffected",
"product": "Nearby",
"repo": "https://github.com/google/nearby",
"vendor": "Google",
"versions": [
{
"lessThan": "1.0.1724.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-38272
2024-06-26 16:15:11
cve
cve
CVE-2024-38272
2024-06-26 16:15:11
vulnrichment
vulnrichment
CVE-2024-38272 Auth Bypass in Quick Share
2024-06-26 15:19:31
thn
thn
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share
2024-08-10 19:00:00
CVSS4
7.1
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:L/SA:L
EPSS
0
Percentile
13.4%
Related for CVELIST:CVE-2024-38272