5.9
CVE-2022-39876
- EPSS 0.08%
- Published 07.10.2022 15:15:23
- Last modified 21.11.2024 07:18:26
- Source mobile.security@samsung.com
- Teams watchlist Login
- Open Login
Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.
Data is provided by the National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.24 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| mobile.security@samsung.com | 5.9 | 2.5 | 3.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.