Lucene search

[email protected]NVD:CVE-2022-39849

HistoryOct 07, 2022 - 3:15 p.m.

CVE-2022-39849

2022-10-0715:15:18

CWE-284

[email protected]

web.nvd.nist.gov

improper access control

knox_vpn_policy

smr oct-2022 release 1

unauthorized read

configuration data

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.

Affected configurations

NVD

Node

googleandroidMatch10.0

googleandroidMatch11.0

googleandroidMatch12.0

References

security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-39849

cve1 prion1 cvelist1