Lucene search

[email protected]NVD:CVE-2022-39903

HistoryDec 08, 2022 - 4:15 p.m.

CVE-2022-39903

2022-12-0816:15:12

CWE-200

CWE-863

[email protected]

web.nvd.nist.gov

access control vulnerability

rcs call

smr dec-2022 release 1

local attackers

incoming call number

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.

Affected configurations

NVD

Node

googleandroidMatch10.0

googleandroidMatch11.0

googleandroidMatch12.0

googleandroidMatch13.0

References

security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-39903

prion1 cvelist1 cve1