CVE-2022-39871
published 2022-10-07CVE-2022-39871: Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | smartthings | < 1.7.89.0 | 1.7.89.0 |
| samsung_mobile | smartthings | >= unspecified < 1.7.89.0 | 1.7.89.0 |