Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2021-0597

Published: 14/07/2021 Updated: 15/07/2021
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Android

Vulnerability Summary

In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176496502

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google android 8.1

google android 9.0

google android 10.0

google android 11.0

ICS Advisories

https://ics-cert.us-cert.gov/advisories/1c5953bf7b4cffc98481adf559672c1a
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-862https://source.android.com/security/bulletin/2021-07-01https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook