CVE-2023-42550
published 2023-11-07CVE-2023-42550: Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qos | logback | >= 0 < 1:1.1.3-2ubuntu0.1~esm1 | 1:1.1.3-2ubuntu0.1~esm1 |
| qos | logback | >= 0 < 1:1.2.3-2ubuntu1~18.04.1+esm1 | 1:1.2.3-2ubuntu1~18.04.1+esm1 |
| qos | logback | >= 0 < 1:1.2.3-5ubuntu0.1~esm1 | 1:1.2.3-5ubuntu0.1~esm1 |
| qos | logback | >= 0 < 1:1.2.10-1ubuntu0.1~esm1 | 1:1.2.10-1ubuntu0.1~esm1 |
| samsung | account | < 14.5.00.7 | 14.5.00.7 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv6.6MEDIUM