CVE-2023-21463

CWE-284Improper Access Control3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 82.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile MyfilesSamsung Myfiles
Timeline
PublishedMar 16

Description

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/myfiles< 12.2.09.0+2
CVEListV5samsung_mobile/myfilesunspecified12.2.09.0 in Android 11, 13.1.03.501 in Android12 and 14.1.03.0 in Android 13

🔴Vulnerability Details

2
GHSA
GHSA-gf22-w2wm-v44w: Improper access control vulnerability in MyFiles application prior to versions 122023-03-16
CVEList
CVE-2023-21463: Improper access control vulnerability in MyFiles application prior to versions 122023-03-16
CVE-2023-21463 (LOW CVSS 3.3) | Improper access control vulnerabili | cvebase.io