CVE-2021-26279 MEDIUM

CVE-2021-26279: Information disclosure vulnerability in Weather module

Vendor Vivo
Product Weather
Weakness CWE-200 · Info exposure
Published December 17, 2024
Last update December 17, 2024

CVSS base score

5.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Some parameters of the weather module are improperly stored, leaking some sensitive information.

Key dates

02Disclosure timeline

December 17, 2024 CVE published
December 17, 2024 Record updated