Lucene search

LenovoVULNRICHMENT:CVE-2023-41817

HistoryMay 03, 2024 - 2:03 p.m.

CVE-2023-41817

2024-05-0314:03:45

CWE-927

lenovo

github.com

motorola phone calls

export vulnerability

local attacker

unauthorized information

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

6.5

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.

CNA Affected

[
  {
    "vendor": "Motorola",
    "product": "Phones",
    "versions": [
      {
        "status": "affected",
        "version": " ",
        "lessThan": "2023-12-01",
        "versionType": "SPL"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

en-us.support.motorola.com/app/answers/detail/a_id/178875

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

6.5

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-41817