CVE-2022-39874
07.10.2022, 15:15
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.Enginsight
| Vendor | Product | Version |
|---|---|---|
| samsung | account | 𝑥 < 13.5.01.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-779 - Logging of Excessive DataThe software logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.
- CWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.