CVE-2022-22284Improper Authentication in Mobile Samsung Internet

CWE-287Improper Authentication3 documents3 sources
Severity
5.5MEDIUMNVD
CNA5.7
EPSS
0.1%
top 82.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung InternetSamsung Internet
Timeline
PublishedJan 10
Latest updateJan 11

Description

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDsamsung/internet< 16.0.2.19
CVEListV5samsung_mobile/samsung_internet-16.0.2.19

🔴Vulnerability Details

2
GHSA
GHSA-47j2-g964-m78g: Improper authentication vulnerability in Samsung Internet prior to 162022-01-11
CVEList
CVE-2022-22284: Improper authentication vulnerability in Samsung Internet prior to 162022-01-07
CVE-2022-22284 — Improper Authentication | cvebase