CVE-2022-38697

Published Oct 14, 2022

Last updated 2 years ago

CVSS medium 5.5

Overview

Description: In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.
Source: security@unisoc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-862
security@unisoc.com: CWE-862

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
          },
          {
            "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
          },
          {
            "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
          },
          {
            "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References