CVE-2021-25343
4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Samsung Members | Android O(8.1) and below < 2.4.81.13 | affected |
| Samsung Mobile | Samsung Members | Android P(9.0) and above < 3.8.00.13 | affected |
Weaknesses
- CWE-287: CWE-287 Improper Authentication
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.