CVE Vulnerabilities

CVE-2022-22269

Files or Directories Accessible to External Parties

Published: Jan 10, 2022 | Modified: Jan 15, 2022
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.

Weakness

The product makes files or directories accessible to unauthorized actors, even though they should not be.

Affected Software

Name Vendor Start Version End Version
Android Google 9.0 9.0
Android Google 10.0 10.0
Android Google 11.0 11.0

References