CVE Vulnerabilities

CVE-2023-21484

Improper Authentication

Published: May 04, 2023 | Modified: May 10, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Android Samsung 11.0 (including) 11.0 (including)
Android Samsung 11.0-smr-apr-2021-r1 (including) 11.0-smr-apr-2021-r1 (including)
Android Samsung 11.0-smr-apr-2022-r1 (including) 11.0-smr-apr-2022-r1 (including)
Android Samsung 11.0-smr-aug-2021-r1 (including) 11.0-smr-aug-2021-r1 (including)
Android Samsung 11.0-smr-aug-2022-r1 (including) 11.0-smr-aug-2022-r1 (including)
Android Samsung 11.0-smr-dec-2020-r1 (including) 11.0-smr-dec-2020-r1 (including)
Android Samsung 11.0-smr-dec-2021-r1 (including) 11.0-smr-dec-2021-r1 (including)
Android Samsung 11.0-smr-dec-2022-r1 (including) 11.0-smr-dec-2022-r1 (including)
Android Samsung 11.0-smr-feb-2021-r1 (including) 11.0-smr-feb-2021-r1 (including)
Android Samsung 11.0-smr-feb-2022-r1 (including) 11.0-smr-feb-2022-r1 (including)
Android Samsung 11.0-smr-feb-2023-r1 (including) 11.0-smr-feb-2023-r1 (including)
Android Samsung 11.0-smr-jan-2021-r1 (including) 11.0-smr-jan-2021-r1 (including)
Android Samsung 11.0-smr-jan-2022-r1 (including) 11.0-smr-jan-2022-r1 (including)
Android Samsung 11.0-smr-jul-2021-r1 (including) 11.0-smr-jul-2021-r1 (including)
Android Samsung 11.0-smr-jul-2022-r1 (including) 11.0-smr-jul-2022-r1 (including)
Android Samsung 11.0-smr-jun-2021-r1 (including) 11.0-smr-jun-2021-r1 (including)
Android Samsung 11.0-smr-jun-2022-r1 (including) 11.0-smr-jun-2022-r1 (including)
Android Samsung 11.0-smr-mar-2021-r1 (including) 11.0-smr-mar-2021-r1 (including)
Android Samsung 11.0-smr-mar-2022-r1 (including) 11.0-smr-mar-2022-r1 (including)
Android Samsung 11.0-smr-may-2021-r1 (including) 11.0-smr-may-2021-r1 (including)
Android Samsung 11.0-smr-may-2022-r1 (including) 11.0-smr-may-2022-r1 (including)
Android Samsung 11.0-smr-nov-2021-r1 (including) 11.0-smr-nov-2021-r1 (including)
Android Samsung 11.0-smr-nov-2022-r1 (including) 11.0-smr-nov-2022-r1 (including)
Android Samsung 11.0-smr-oct-2021-r1 (including) 11.0-smr-oct-2021-r1 (including)
Android Samsung 11.0-smr-oct-2022-r1 (including) 11.0-smr-oct-2022-r1 (including)
Android Samsung 11.0-smr-sep-2021-r1 (including) 11.0-smr-sep-2021-r1 (including)
Android Samsung 11.0-smr-sep-2022-r1 (including) 11.0-smr-sep-2022-r1 (including)
Android Samsung 12.0 (including) 12.0 (including)
Android Samsung 12.0-smr-apr-2022-r1 (including) 12.0-smr-apr-2022-r1 (including)
Android Samsung 12.0-smr-aug-2022-r1 (including) 12.0-smr-aug-2022-r1 (including)
Android Samsung 12.0-smr-dec-2021-r1 (including) 12.0-smr-dec-2021-r1 (including)
Android Samsung 12.0-smr-dec-2022-r1 (including) 12.0-smr-dec-2022-r1 (including)
Android Samsung 12.0-smr-feb-2022-r1 (including) 12.0-smr-feb-2022-r1 (including)
Android Samsung 12.0-smr-feb-2023-r1 (including) 12.0-smr-feb-2023-r1 (including)
Android Samsung 12.0-smr-jan-2022-r1 (including) 12.0-smr-jan-2022-r1 (including)
Android Samsung 12.0-smr-jul-2022-r1 (including) 12.0-smr-jul-2022-r1 (including)
Android Samsung 12.0-smr-jun-2022-r1 (including) 12.0-smr-jun-2022-r1 (including)
Android Samsung 12.0-smr-mar-2022-r1 (including) 12.0-smr-mar-2022-r1 (including)
Android Samsung 12.0-smr-may-2022-r1 (including) 12.0-smr-may-2022-r1 (including)
Android Samsung 12.0-smr-nov-2021-r1 (including) 12.0-smr-nov-2021-r1 (including)
Android Samsung 12.0-smr-nov-2022-r1 (including) 12.0-smr-nov-2022-r1 (including)
Android Samsung 12.0-smr-oct-2022-r1 (including) 12.0-smr-oct-2022-r1 (including)
Android Samsung 12.0-smr-sep-2022-r1 (including) 12.0-smr-sep-2022-r1 (including)
Android Samsung 13.0 (including) 13.0 (including)
Android Samsung 13.0-smr-apr-2023-r1 (including) 13.0-smr-apr-2023-r1 (including)
Android Samsung 13.0-smr-dec-2022-r1 (including) 13.0-smr-dec-2022-r1 (including)
Android Samsung 13.0-smr-feb-2023-r1 (including) 13.0-smr-feb-2023-r1 (including)
Android Samsung 13.0-smr-jan-2023-r1 (including) 13.0-smr-jan-2023-r1 (including)
Android Samsung 13.0-smr-mar-2023-r1 (including) 13.0-smr-mar-2023-r1 (including)
Android Samsung 13.0-smr-nov-2022-r1 (including) 13.0-smr-nov-2022-r1 (including)
Android Samsung 13.0-smr-oct-2022-r1 (including) 13.0-smr-oct-2022-r1 (including)

Potential Mitigations

References