CVE-2023-21441
Severity CVSS v4.0:
Pending analysis
Type:
CWE-345
Insufficient Verification of Data Authenticity
Publication date:
09/02/2023
Last modified:
21/02/2023
Description
Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:samsung:android:10.0:-:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-apr-2020-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-apr-2021-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-apr-2022-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-apr-2023-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-aug-2020-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-aug-2021-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-aug-2022-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-aug-2023-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-dec-2019-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-dec-2020-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-dec-2021-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-dec-2022-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-dec-2023-r1:*:*:*:*:*:* | ||
| cpe:2.3:o:samsung:android:10.0:smr-feb-2020-r1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page