CVE-2016-3996

CWE-200 — Information Exposure3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.4%

top 41.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Knox

Timeline

PublishedJan 27

Latest updateMay 14

Description

ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDsamsung/knox1.0, 2.3.0+1

🔴Vulnerability Details

GHSA

GHSA-65c2-q87w-94qp: ClipboardDataMgr in Samsung KNOX 1↗2022-05-14

▶

CVEList

CVE-2016-3996: ClipboardDataMgr in Samsung KNOX 1↗2017-01-27

▶