Sign-up

ID

VAR-202303-1376


CVE

CVE-2023-21464


TITLE

Samsung's  calendar  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541

DESCRIPTION

Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. Samsung's calendar Exists in unspecified vulnerabilities.Information may be tampered with

Trust: 1.71

sources: NVD: CVE-2023-21464 // JVNDB: JVNDB-2023-005541 // VULMON: CVE-2023-21464

AFFECTED PRODUCTS

vendor:samsungmodel:calendarscope:ltversion:12.4.02.9000

Trust: 1.0

vendor:samsungmodel:calendarscope:ltversion:12.3.08.2000

Trust: 1.0

vendor:サムスンmodel:calendarscope:eqversion:12.4.02.9000

Trust: 0.8

vendor:サムスンmodel:calendarscope:eqversion:12.3.08.2000

Trust: 0.8

vendor:サムスンmodel:calendarscope:eqversion: -

Trust: 0.8

vendor:サムスンmodel:calendarscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // NVD: CVE-2023-21464

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2023-21464
value: LOW

Trust: 1.8

mobile.security@samsung.com: CVE-2023-21464
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202303-1360
value: LOW

Trust: 0.6

NVD:
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.1

Trust: 1.0

mobile.security@samsung.com:
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.5
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2023-21464
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // NVD: CVE-2023-21464 // NVD: CVE-2023-21464 // CNNVD: CNNVD-202303-1360

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-005541 // NVD: CVE-2023-21464

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-1360

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202303-1360

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2023-21464

PATCH
title:SAMSUNG Mobile Devices Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=230061
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202303-1360

EXTERNAL IDS
db:NVDid:CVE-2023-21464
Trust: 3.3
db:JVNDBid:JVNDB-2023-005541
Trust: 0.8
db:CNNVDid:CNNVD-202303-1360
Trust: 0.6
db:VULMONid:CVE-2023-21464
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-21464 // 
            
            
            
            JVNDB: JVNDB-2023-005541 // 
            
            
            
            NVD: CVE-2023-21464 // 
            
            
            
            CNNVD: CNNVD-202303-1360

REFERENCES
url:https://security.samsungmobile.com/serviceweb.smsb?year=2023&month=03
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2023-21464
Trust: 1.4
url:https://cxsecurity.com/cveshow/cve-2023-21464/
Trust: 0.6
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-21464 // 
            
            
            
            JVNDB: JVNDB-2023-005541 // 
            
            
            
            NVD: CVE-2023-21464 // 
            
            
            
            CNNVD: CNNVD-202303-1360

SOURCES
db:VULMONid:CVE-2023-21464
db:JVNDBid:JVNDB-2023-005541
db:NVDid:CVE-2023-21464
db:CNNVDid:CNNVD-202303-1360

LAST UPDATE DATE
2023-12-18T13:16:49.006000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2023-21464date:2023-03-17T00:00:00
db:JVNDBid:JVNDB-2023-005541date:2023-11-09T00:59:00
db:NVDid:CVE-2023-21464date:2023-03-23T17:30:46.763
db:CNNVDid:CNNVD-202303-1360date:2023-03-24T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2023-21464date:2023-03-16T00:00:00
db:JVNDBid:JVNDB-2023-005541date:2023-11-09T00:00:00
db:NVDid:CVE-2023-21464date:2023-03-16T21:15:12.747
db:CNNVDid:CNNVD-202303-1360date:2023-03-16T00:00:00