CVE-2021-25351
3.2
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Summary
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Samsung Account | Android P(9.0) and below < 10.7.07 | affected |
| Samsung Mobile | Samsung Account | Android Q(10.0) < 12.1.1.3 | affected |
Weaknesses
- CWE-285: CWE-285 Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.