CVE-2023-21463
CVSS V2 None
CVSS V3 None
Description
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.
Overview
- CVE ID
- CVE-2023-21463
- Assigner
- mobile.security@samsung.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-03-16T21:15:12
- Last Modified Date
- 2023-03-23T17:42:19
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| AND | ||||
| cpe:2.3:a:samsung:myfiles:*:*:*:*:*:*:*:* | 1 | OR | 12.2.09.0 | |
| cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:a:samsung:myfiles:*:*:*:*:*:*:*:* | 1 | OR | 13.1.03.501 | |
| cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:a:samsung:myfiles:*:*:*:*:*:*:*:* | 1 | OR | 14.1.03.0 | |
| cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* | 0 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=03 | Vendor Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-21463 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21463 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 06:36:45 | Added to TrackCVE | |||
| 2023-04-17 06:36:46 | Weakness Enumeration | new |