Sign-up

ID

VAR-202303-1376


CVE

CVE-2023-21464


TITLE

Samsung's  calendar  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541

DESCRIPTION

Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. Samsung's calendar Exists in unspecified vulnerabilities.Information may be tampered with

Trust: 1.71

sources: NVD: CVE-2023-21464 // JVNDB: JVNDB-2023-005541 // VULMON: CVE-2023-21464

AFFECTED PRODUCTS

vendor:samsungmodel:calendarscope:ltversion:12.4.02.9000

Trust: 1.0

vendor:samsungmodel:calendarscope:ltversion:12.3.08.2000

Trust: 1.0

vendor:サムスンmodel:calendarscope:eqversion:12.4.02.9000

Trust: 0.8

vendor:サムスンmodel:calendarscope:eqversion:12.3.08.2000

Trust: 0.8

vendor:サムスンmodel:calendarscope:eqversion: -

Trust: 0.8

vendor:サムスンmodel:calendarscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // NVD: CVE-2023-21464

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-21464
value: LOW

Trust: 1.0

mobile.security@samsung.com: CVE-2023-21464
value: MEDIUM

Trust: 1.0

NVD: CVE-2023-21464
value: LOW

Trust: 0.8

CNNVD: CNNVD-202303-1360
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2023-21464
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.1

Trust: 1.0

mobile.security@samsung.com: CVE-2023-21464
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.5
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2023-21464
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // CNNVD: CNNVD-202303-1360 // NVD: CVE-2023-21464 // NVD: CVE-2023-21464

PROBLEMTYPE DATA

problemtype:CWE-281

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // NVD: CVE-2023-21464

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-1360

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202303-1360

PATCH

title:SAMSUNG Mobile Devices Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=230061

Trust: 0.6

sources: CNNVD: CNNVD-202303-1360

EXTERNAL IDS

db:NVDid:CVE-2023-21464

Trust: 3.3

db:JVNDBid:JVNDB-2023-005541

Trust: 0.8

db:CNNVDid:CNNVD-202303-1360

Trust: 0.6

db:VULMONid:CVE-2023-21464

Trust: 0.1

sources: VULMON: CVE-2023-21464 // JVNDB: JVNDB-2023-005541 // CNNVD: CNNVD-202303-1360 // NVD: CVE-2023-21464

REFERENCES

url:https://security.samsungmobile.com/serviceweb.smsb?year=2023&month=03

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2023-21464

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2023-21464/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-21464 // JVNDB: JVNDB-2023-005541 // CNNVD: CNNVD-202303-1360 // NVD: CVE-2023-21464

SOURCES

db:VULMONid:CVE-2023-21464
db:JVNDBid:JVNDB-2023-005541
db:CNNVDid:CNNVD-202303-1360
db:NVDid:CVE-2023-21464

LAST UPDATE DATE

2024-08-14T15:21:17.078000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-21464date:2023-03-17T00:00:00
db:JVNDBid:JVNDB-2023-005541date:2023-11-09T00:59:00
db:CNNVDid:CNNVD-202303-1360date:2023-03-24T00:00:00
db:NVDid:CVE-2023-21464date:2023-03-23T17:30:46.763

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-21464date:2023-03-16T00:00:00
db:JVNDBid:JVNDB-2023-005541date:2023-11-09T00:00:00
db:CNNVDid:CNNVD-202303-1360date:2023-03-16T00:00:00
db:NVDid:CVE-2023-21464date:2023-03-16T21:15:12.747