CVE-2022-36839 MEDIUM

CVE-2022-36839

Vendor Samsung Mobile

Product Samsung Checkout

Weakness CWE-89 · SQLi

Published August 5, 2022

Last update August 3, 2024

CVSS base score

5.9/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.

Key dates

August 5, 2022 CVE published

August 3, 2024 Record updated

External resources

Related vulnerabilities

CVE CVE-2022-36839

CWE CWE-89

CVSS 5.9 / MEDIUM

Vendor Samsung Mobile

Product Samsung Checkout

Affected ≥ unspecified and < 5.0.53.1