VDB

CESS-2024-49733

CESS-2024-49733 PUBLISHED CVSS 5.5 MEDIUM

In reload of ServiceListing.java , there is a possible way to allow a malicious app to hide an NLS from Settings due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

  • Jan 21, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›