CVE-2021-25421

Medium

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak…

Samsung Mobile·CWE-779·Published 2021-06-11

CVSS

5.5

EPSS

0.00

KEV

Exploits

cve.orgen

199 chars

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

NVDen

199 chars

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

Una vulnerabilidad de administración de registros inapropiada en Galaxy Watch3 PlugIn versiones anteriores a 2.2.09.21033151, permite a un atacante con permisos de registro filtrar la contraseña de Wi-Fi conectada al smartphone del usuario dentro del registro

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N