CVE-2022-39876

CWE-532Log File Information Exposure3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 78.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile ReminderSamsung Reminder
Timeline
PublishedOct 7

Description

Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.5 | Impact: 3.4

Affected Packages2 packages

NVDsamsung/reminder< 8.2.01.13
CVEListV5samsung_mobile/reminderunspecified8.2.01.13

🔴Vulnerability Details

2
GHSA
GHSA-r8mh-6h4v-v5rm: Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 82022-10-07
CVEList
CVE-2022-39876: Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 82022-10-07
CVE-2022-39876 (LOW CVSS 3.3) | Insertion of Sensitive Information | cvebase.io