CVE-2022-33699 LOW

CVE-2022-33699

Vendor Samsung Mobile
Product Samsung Mobile Devices
Weakness CWE-200 · Info exposure
Published July 11, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

2.0/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

Key dates

02Disclosure timeline

July 11, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-41696 Priority PRI WEB Portal Add-On for Priority ERP on prem – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CVE-2024-30106 HCL Connections is vulnerable to an information disclosure vulnerability CVE-2023-27877 IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure CVE-2019-11268 UAA SQL Identity Zone Vulnerability CVE-2021-41767 Private tunnel identifier may be included in the non-private details of active connections