An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017).
References
Link | Resource |
---|---|
https://security.samsungmobile.com/securityUpdate.smsb | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-07T13:56:02
Updated: 2020-04-07T13:56:02
Reserved: 2020-04-07T00:00:00
Link: CVE-2017-18695
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-07T14:15:13.857
Modified: 2020-04-08T19:21:54.310
Link: CVE-2017-18695
JSON object: View
Redhat Information
No data.
CWE