Sign-up

ID

VAR-202206-0482


CVE

CVE-2022-30722


TITLE

Google  of  Android  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010719

DESCRIPTION

Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account. Google of Android Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Samsung Account is a mobile account feature for Samsung mobile devices

Trust: 2.25

sources: NVD: CVE-2022-30722 // JVNDB: JVNDB-2022-010719 // CNVD: CNVD-2022-76508 // VULMON: CVE-2022-30722

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-76508

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:11.0

Trust: 1.8

vendor:googlemodel:androidscope:eqversion:10.0

Trust: 1.8

vendor:googlemodel:androidscope:eqversion:12.0

Trust: 1.8

vendor:googlemodel:androidscope:eqversion: -

Trust: 0.8

vendor:googlemodel:androidscope: - version: -

Trust: 0.8

vendor:samsungmodel:mobile devices qscope: - version: -

Trust: 0.6

vendor:samsungmodel:mobile devices rscope: - version: -

Trust: 0.6

vendor:samsungmodel:mobile devices sscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-76508 // JVNDB: JVNDB-2022-010719 // NVD: CVE-2022-30722

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-30722
value: CRITICAL

Trust: 1.0

mobile.security@samsung.com: CVE-2022-30722
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-30722
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-76508
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202206-706
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-30722
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-30722
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-76508
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-30722
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

mobile.security@samsung.com: CVE-2022-30722
baseSeverity: MEDIUM
baseScore: 6.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.5
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-30722
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-76508 // VULMON: CVE-2022-30722 // JVNDB: JVNDB-2022-010719 // CNNVD: CNNVD-202206-706 // NVD: CVE-2022-30722 // NVD: CVE-2022-30722

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-285

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-010719 // NVD: CVE-2022-30722

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-706

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202206-706

PATCH

title:Patch for Samsung Account Implicit Intent Hijacking Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/356106

Trust: 0.6

title:Samsung Account Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195807

Trust: 0.6

sources: CNVD: CNVD-2022-76508 // CNNVD: CNNVD-202206-706

EXTERNAL IDS

db:NVDid:CVE-2022-30722

Trust: 3.9

db:JVNDBid:JVNDB-2022-010719

Trust: 0.8

db:CNVDid:CNVD-2022-76508

Trust: 0.6

db:CNNVDid:CNNVD-202206-706

Trust: 0.6

db:VULMONid:CVE-2022-30722

Trust: 0.1

sources: CNVD: CNVD-2022-76508 // VULMON: CVE-2022-30722 // JVNDB: JVNDB-2022-010719 // CNNVD: CNNVD-202206-706 // NVD: CVE-2022-30722

REFERENCES

url:https://security.samsungmobile.com/securityupdate.smsb?year=2022&month=6

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-30722

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2022-30722/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2022-76508 // VULMON: CVE-2022-30722 // JVNDB: JVNDB-2022-010719 // CNNVD: CNNVD-202206-706 // NVD: CVE-2022-30722

SOURCES

db:CNVDid:CNVD-2022-76508
db:VULMONid:CVE-2022-30722
db:JVNDBid:JVNDB-2022-010719
db:CNNVDid:CNNVD-202206-706
db:NVDid:CVE-2022-30722

LAST UPDATE DATE

2024-08-14T14:24:46.774000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-76508date:2022-11-11T00:00:00
db:VULMONid:CVE-2022-30722date:2022-06-11T00:00:00
db:JVNDBid:JVNDB-2022-010719date:2023-08-16T08:15:00
db:CNNVDid:CNNVD-202206-706date:2022-06-17T00:00:00
db:NVDid:CVE-2022-30722date:2022-06-11T02:03:12.317

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-76508date:2022-10-13T00:00:00
db:VULMONid:CVE-2022-30722date:2022-06-07T00:00:00
db:JVNDBid:JVNDB-2022-010719date:2023-08-16T00:00:00
db:CNNVDid:CNNVD-202206-706date:2022-06-07T00:00:00
db:NVDid:CVE-2022-30722date:2022-06-07T18:15:12.707