CVE-2023-38465

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 8, 2023

CWE ID 862

Summary

CVE-2023-38465 is a vulnerability affecting the ims service. This issue involves a missing permission check, which can result in local information disclosure without requiring any additional execution privileges. Attackers who exploit this flaw can gain unauthorized access to sensitive data. The precise implications and potential impact of this vulnerability depend on the specific configuration and implementation of the ims service. Organizations are advised to apply the necessary patches or workarounds to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sCAz3f
https://www.cve.org/CVERecord?id=CVE-2023-38465
https://nvd.nist.gov/vuln/detail/CVE-2023-38465

Back to Vulnerability Database