CVE-2022-41986

Summary

Information disclosure vulnerability in Android App 'IIJ SmartKey' versions prior to 2.1.4 allows an attacker to obtain a one-time password issued by the product under certain conditions.

Affected Software

VendorProductVersion RangeStatus
Internet Initiative Japan Inc.IIJ SmartKeyversions prior to 2.1.4affected

Weaknesses

  • Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References