Lucene search

[email protected]NVD:CVE-2021-25342

HistoryMar 04, 2021 - 10:15 p.m.

CVE-2021-25342

2021-03-0422:15:13

CWE-287

[email protected]

web.nvd.nist.gov

non-existent provider

unauthorized actions

dos hijack

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

5.1%

JSON

Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.

Affected configurations

Nvd

Node

googleandroidMatch1.0

googleandroidMatch1.1

googleandroidMatch1.5

googleandroidMatch1.6

googleandroidMatch2.0

googleandroidMatch2.0.1

googleandroidMatch2.1

googleandroidMatch2.2

googleandroidMatch2.2rev1

googleandroidMatch2.2.1

googleandroidMatch2.2.2

googleandroidMatch2.2.3

googleandroidMatch2.3

googleandroidMatch2.3rev1

googleandroidMatch2.3.1

googleandroidMatch2.3.2

googleandroidMatch2.3.3

googleandroidMatch2.3.4

googleandroidMatch2.3.5

googleandroidMatch2.3.6

googleandroidMatch2.3.7

googleandroidMatch3.0

googleandroidMatch3.1

googleandroidMatch3.2

googleandroidMatch3.2.1

googleandroidMatch3.2.2

googleandroidMatch3.2.4

googleandroidMatch3.2.6

googleandroidMatch4.0

googleandroidMatch4.0.1

googleandroidMatch4.0.2

googleandroidMatch4.0.3

googleandroidMatch4.0.4

googleandroidMatch4.1

googleandroidMatch4.1.1

googleandroidMatch4.1.2

googleandroidMatch4.2

googleandroidMatch4.2.1

googleandroidMatch4.2.2

googleandroidMatch4.3

googleandroidMatch4.3.1

googleandroidMatch4.4

googleandroidMatch4.4.1

googleandroidMatch4.4.2

googleandroidMatch4.4.3

googleandroidMatch4.4.4

googleandroidMatch5.0

googleandroidMatch5.0.1

googleandroidMatch5.0.2

googleandroidMatch5.1

googleandroidMatch5.1.0

googleandroidMatch5.1.1

googleandroidMatch6.0

googleandroidMatch6.0.1

googleandroidMatch7.0

googleandroidMatch7.1.0

googleandroidMatch7.1.1

googleandroidMatch7.1.2

googleandroidMatch8.0

AND

samsungmembersRange<2.4.81.13

Node

googleandroidMatch9.0

googleandroidMatch10.0

googleandroidMatch11.0

AND

samsungmembersRange<3.8.00.13

VendorProductVersionCPE
googleandroid1.0cpe:2.3:o:google:android:1.0:*:*:*:*:*:*:*
googleandroid1.1cpe:2.3:o:google:android:1.1:*:*:*:*:*:*:*
googleandroid1.5cpe:2.3:o:google:android:1.5:*:*:*:*:*:*:*
googleandroid1.6cpe:2.3:o:google:android:1.6:*:*:*:*:*:*:*
googleandroid2.0cpe:2.3:o:google:android:2.0:*:*:*:*:*:*:*
googleandroid2.0.1cpe:2.3:o:google:android:2.0.1:*:*:*:*:*:*:*
googleandroid2.1cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*
googleandroid2.2cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*
googleandroid2.2cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
googleandroid2.2.1cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	1.0	cpe:2.3:o:google:android:1.0:::::::*
google	android	1.1	cpe:2.3:o:google:android:1.1:::::::*
google	android	1.5	cpe:2.3:o:google:android:1.5:::::::*
google	android	1.6	cpe:2.3:o:google:android:1.6:::::::*
google	android	2.0	cpe:2.3:o:google:android:2.0:::::::*
google	android	2.0.1	cpe:2.3:o:google:android:2.0.1:::::::*
google	android	2.1	cpe:2.3:o:google:android:2.1:::::::*
google	android	2.2	cpe:2.3:o:google:android:2.2:::::::*
google	android	2.2	cpe:2.3:o:google:android:2.2:rev1::::::
google	android	2.2.1	cpe:2.3:o:google:android:2.2.1:::::::*

Rows per page:

1-10 of 631

References

security.samsungmobile.com

security.samsungmobile.com/serviceWeb.smsb

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-25342

cvelist1 prion1 cve1