CVE-2022-20449

MEDIUM Year: 2022
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239701237

Related Vulnerabilities

CVE-2019-15266

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to imp...

CWE-222019

CVE-2019-1835

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanit...

CWE-222019

CVE-2021-1436

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected syste...

CWE-222021

CVE-2021-44111

MEDIUM
CVSS:4.4(Medium)

A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.

CWE-222021

CVE-2022-22821

MEDIUM
CVSS:4.4(Medium)

NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.

CWE-222022

CVE-2023-24804

MEDIUM
CVSS:4.4(Medium)

The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two byp...

CWE-222023