CVE-2022-36876
1.8
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Summary
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Samsung Pass | unspecified < 4.0.04.10 | affected |
Weaknesses
- CWE-285: CWE-285 Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.