What the vulnerability does
01Description
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
CVSS base score
5.7/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
Key dates
02Disclosure timeline
November 5, 2021
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-40170 cross-site inclusion (XSSI) of files in jupyter-server
CVE-2024-12294 Last Viewed Posts by WPBeginner <= 1.0.1 - Unauthenticated Sensitive Information Exposure
CVE-2021-28129 DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid
CVE-2022-33931
CVE-2021-1591 Cisco Nexus 9500 Series Switches Access Control List Bypass Vulnerability
