CVE Vulnerabilities

CVE-2022-38700

Authentication Bypass by Primary Weakness

Published: Sep 09, 2022 | Modified: Nov 21, 2024
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service.

Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

Affected Software

Name Vendor Start Version End Version
Openharmony Openharmony 3.1.1 (including) 3.1.1 (including)

References