In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189122911
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/android-13 | Vendor Advisory |
Configurations
History
13 Aug 2022, 02:13
Type | Values Removed | Values Added |
---|---|---|
First Time |
Google android
|
|
CPE | cpe:2.3:o:google:android:13.0.0:*:*:*:*:*:*:* | |
CWE | CWE-668 | |
References | (MISC) https://source.android.com/security/bulletin/android-13 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
11 Aug 2022, 15:29
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-11 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-0734
Mitre link : CVE-2021-0734
CVE.ORG link : CVE-2021-0734
JSON object : View
Products Affected
- android
CWE
CWE-668
Exposure of Resource to Wrong Sphere