Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.
References
Link | Resource |
---|---|
https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7 | Vendor Advisory |
Configurations
History
14 Jul 2022, 16:21
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
12 Jul 2021, 13:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:samsung:members:*:*:*:*:*:*:*:* cpe:2.3:a:samsung:members:3.9.10.11:*:*:*:*:*:*:* cpe:2.3:o:google:android:*:*:*:*:*:*:*:* |
|
References | (MISC) https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7 - Vendor Advisory | |
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
08 Jul 2021, 14:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-08 14:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-25438
Mitre link : CVE-2021-25438
CVE.ORG link : CVE-2021-25438
JSON object : View
Products Affected
samsung
- members
- android
CWE