Overview
- Description
- The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
- Source
- cna@sap.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-732
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:fiori_client:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78219487-8578-432A-849C-215CE3F04351",
"versionEndExcluding": "1.11.5"
}
],
"operator": "OR"
}
]
}
]