CVE-2022-22283

CWE-287Improper AuthenticationCWE-613Insufficient Session Expiration3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 82.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung HealthSamsung Health
Timeline
PublishedJan 10
Latest updateJan 11

Description

Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:NExploitability: 1.3 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/health< 6.20.1.005
CVEListV5samsung_mobile/samsung_health-6.20.1.005

🔴Vulnerability Details

2
GHSA
GHSA-7547-299x-4pmv: Improper session management vulnerability in Samsung Health prior to 62022-01-11
CVEList
CVE-2022-22283: Improper session management vulnerability in Samsung Health prior to 62022-01-07
CVE-2022-22283 (LOW CVSS 3.3) | Improper session management vulnera | cvebase.io