Improper access control and path traversal vulnerability in Storage Manager and Storage Manager Service prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission. The patch adds proper validation logic to prevent arbitrary files access.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Samsung Mobile
Published: 2022-04-11T19:37:29
Updated: 2024-08-03T05:41:09.966Z
Reserved: 2022-03-24T00:00:00
Link: CVE-2022-27836
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-04-11T20:15:22.940
Modified: 2022-04-27T19:29:23.123
Link: CVE-2022-27836
Redhat
No data.