6.1
CVE-2024-38425
- EPSS 0.02%
- Veröffentlicht 07.10.2024 13:15:14
- Zuletzt bearbeitet 16.10.2024 17:34:41
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Information disclosure while sending implicit broadcast containing APP launch information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Wsa8835 Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Snapdragon 662 Mobile Platform Firmware Version-
Qualcomm ≫ Sm8750 Firmware Version-
Qualcomm ≫ Sm8635 Firmware Version-
Qualcomm ≫ Sm7435 Firmware Version-
Qualcomm ≫ Fastconnect 7800 Firmware Version-
Qualcomm ≫ Fastconnect 6900 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.04 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| product-security@qualcomm.com | 6.1 | 1.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
|
CWE-285 Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.