CVE-2022-20066 - Vulnerability Details

Vendors	Products
Google	Android
Mediatek	Mt6580 Mt6739 Mt6761 Mt6765 Mt6769 Mt6771 Mt6785 Mt6833 Mt6873 Mt6875 Mt6877 Mt6891 Mt8168 Mt8365 Mt8666 Mt8667 Mt8696 Mt8766 Mt8768 Mt8788

Link	Providers
https://corp.mediatek.com/product-security-bulletin/May-2022

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "MT6580, MT6739, MT6761, MT6765, MT6769, MT6771, MT6785, MT6833, MT6873, MT6875, MT6877, MT6891, MT8168, MT8365, MT8666, MT8667, MT8696, MT8766, MT8768, MT8788", "vendor": "MediaTek, Inc.", "versions": [{"status": "affected", "version": "Android 11.0, 12.0"}]}], "descriptions": [{"lang": "en", "value": "In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-05-03T20:04:27", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mediatek.com", "ID": "CVE-2022-20066", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MT6580, MT6739, MT6761, MT6765, MT6769, MT6771, MT6785, MT6833, MT6873, MT6875, MT6877, MT6891, MT8168, MT8365, MT8666, MT8667, MT8696, MT8766, MT8768, MT8788", "version": {"version_data": [{"version_value": "Android 11.0, 12.0"}]}}]}, "vendor_name": "MediaTek, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "https://corp.mediatek.com/product-security-bulletin/May-2022", "refsource": "MISC", "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T02:02:29.715Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"}]}]}, "cveMetadata": {"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2022-20066", "datePublished": "2022-04-11T19:37:58", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-03T02:02:29.715Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : MT6580, MT6739, MT6761, MT6765, MT6769, MT6771, MT6785, MT6833, MT6873, MT6875, MT6877, MT6891, MT8168, MT8365, MT8666, MT8667, MT8696, MT8766, MT8768, MT8788 (string)

vendor : MediaTek, Inc. (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 11.0, 12.0 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Information Disclosure (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-05-03T20:04:27 (string)

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@mediatek.com (string)

ID : CVE-2022-20066 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : MT6580, MT6739, MT6761, MT6765, MT6769, MT6771, MT6785, MT6833, MT6873, MT6875, MT6877, MT6891, MT8168, MT8365, MT8666, MT8667, MT8696, MT8766, MT8768, MT8788 (string)

version : { »

version_data : [ »

0 : { »

version_value : Android 11.0, 12.0 (string)

}

]

}

]

}

vendor_name : MediaTek, Inc. (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Information Disclosure (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

refsource : MISC (string)

url : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T02:02:29.715Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

assignerShortName : MediaTek (string)

cveId : CVE-2022-20066 (string)

datePublished : 2022-04-11T19:37:58 (string)

dateReserved : 2021-10-12T00:00:00 (string)

dateUpdated : 2024-08-03T02:02:29.715Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*", "matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729."}, {"lang": "es", "value": "En atf (hwfde), se presenta un posible filtrado de informaci\u00f3n confidencial debido a un manejo incorrecto de errores. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS06171729; ID de Incidencia: ALPS06171729"}], "id": "CVE-2022-20066", "lastModified": "2024-11-21T06:42:04.150", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-11T20:15:18.877", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 109DD7FD-3A48-4C3D-8E1A-4433B98E1E64 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F8FB8EE9-FC56-4D5E-AE55-A5967634740C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 46F71838-4E50-4F2A-9EB8-30AE5DF8511E (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FA8A390-9F52-4CF3-9B45-936CE3E2B828 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F726F486-A86F-4215-AD93-7A07A071844A (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 43E779F6-F0A0-4153-9A1D-B715C3A2F80E (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D23991D5-1893-49F4-8A06-D5E66C96C3B3 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BE4D2AED-C713-407F-A34A-52C3D8F65835 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A82E0A4F-072F-474C-B94C-8114ABE05639 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9814939B-F05E-4870-90C0-7C0F6BAAEB39 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D8E91CA4-CA5B-40D1-9A96-2B875104BCF4 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3CE2FC35-716A-4706-97BA-5DB165041580 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 97C76F98-5D8D-4E52-ABAF-CD27C1205B0E (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FE14B46-C1CA-465F-8578-059FA2ED30EB (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 26573298-76BC-49FE-8D99-CF03ED01B185 (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:* (string)

matchCriteriaId : CE45F606-2E75-48BC-9D1B-99D504974CBF (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FE10C121-F2AD-43D2-8FF9-A6C197858220 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729. (string)

}

1 : { »

lang : es (string)

value : En atf (hwfde), se presenta un posible filtrado de información confidencial debido a un manejo incorrecto de errores. Esto podría conllevar a una divulgación de información local con los privilegios de ejecución System requeridos. No es requerida una interacción del usuario para su explotación. ID del Parche: ALPS06171729; ID de Incidencia: ALPS06171729 (string)

}

]

id : CVE-2022-20066 (string)

lastModified : 2024-11-21T06:42:04.150 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.4 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 0.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-04-11T20:15:18.877 (string)

references : [ »

0 : { »

source : security@mediatek.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/May-2022 (string)

}

]

sourceIdentifier : security@mediatek.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-755 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object