CVE-2023-49927

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-311
View all →

Vulnerability Description

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.

Related Vulnerabilities

CVE-2015-0558

MEDIUM
CVSS:5.3(Medium)

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses "1236790" and the MAC address to generate the WPA key.

CWE-3112015

CVE-2018-17563

MEDIUM
CVSS:5.3(Medium)

A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.

CWE-3112018

CVE-2018-5482

MEDIUM
CVSS:5.3(Medium)

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.

CWE-3112018

CVE-2018-6976

MEDIUM
CVSS:5.3(Medium)

The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite d...

CWE-3112018

CVE-2019-19464

MEDIUM
CVSS:5.3(Medium)

The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics.

CWE-3112019

CVE-2019-4471

MEDIUM
CVSS:5.3(Medium)

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote atta...

CWE-3112019