How severe is CVE-2023-42549?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2023-42549?

This is classified as CWE-668, which is a common weakness in software security.

CVE-2023-42549

MEDIUM Year: 2023

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-668

View all →

Vulnerability Description

Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE-2012-5639

MEDIUM

CVSS:6.5(Medium)

LibreOffice and OpenOffice automatically open embedded content

CWE-6682012

CVE-2018-20237

MEDIUM

CVSS:6.5(Medium)

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

CWE-6682018

CVE-2019-12875

MEDIUM

CVSS:6.5(Medium)

Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.

CWE-6682019

CVE-2019-4306

MEDIUM

CVSS:6.5(Medium)

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that re...

CWE-6682019

CVE-2020-12687

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve a...

CWE-6682020

CVE-2020-14064

MEDIUM

CVSS:6.5(Medium)

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

CWE-6682020

CVE-2023-42549

Vulnerability Description

Related Vulnerabilities

CVE-2012-5639

CVE-2018-20237

CVE-2019-12875

CVE-2019-4306

CVE-2020-12687

CVE-2020-14064