CVE-2022-48496 - OpenCVE

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Emui

Configuration 1 [-]

OR	cpe:2.3:o:huawei:emui:11.0.1:::::::*
	cpe:2.3:o:huawei:emui:12.0.0:::::::*
	cpe:2.3:o:huawei:emui:12.0.1:::::::*
	cpe:2.3:o:huawei:emui:13.0.0:::::::*

References

Link	Resource
https://consumer.huawei.com/en/support/bulletin/2023/6/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2023-06-19T00:00:00

Updated: 2023-06-19T00:00:00

Reserved: 2023-05-29T00:00:00

Link: CVE-2022-48496

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-06-19T17:15:11.753

Modified: 2023-06-27T09:19:58.250

Link: CVE-2022-48496

JSON object: View

Redhat Information

No data.

CWE

CWE-287