CVE-2023-42578

CWE-755 — Improper Exception Handling3 documents3 sources

Severity

7.5HIGH

EPSS

0.3%

top 49.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Cloud

Timeline

PublishedDec 5

Description

Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDsamsung/cloud5.2.00.7

🔴Vulnerability Details

CVEList

CVE-2023-42578: Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5↗2023-12-05

▶

GHSA

GHSA-m2rf-48j7-ch9q: Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5↗2023-12-05

▶