CVE-2021-25404

CWE-9223 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 79.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile SmartthingsSamsung Smartthings Firmware
Timeline
PublishedJun 11
Latest updateMay 24

Description

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5samsung_mobile/smartthingsunspecified1.7.64.21

🔴Vulnerability Details

2
GHSA
GHSA-mrfp-7m85-53j8: Information Exposure vulnerability in SmartThings prior to version 12022-05-24
CVEList
CVE-2021-25404: Information Exposure vulnerability in SmartThings prior to version 12021-06-11