CVE-2023-35668

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 4, 2023
Updated: Dec 22, 2023
CWE ID 610

Summary

CVE-2023-35668 is a cyber vulnerability that affects multiple products, including lAMRr5, tzDcWF, sYyJEm, sYyJEl, fWGaF5, mmOpcJ, nn8kgA, and sYyJE8. The vulnerability allows for the display of images from another user in visitUris of Notification.java due to a confused deputy. This can result in local information disclosure without requiring additional execution privileges or user interaction. The base severity is rated as MEDIUM with a base score of 5.5, indicating a potential high impact on confidentiality. The vulnerability has an exploitability score of 1.8 and an impact score of 3.6. No remediation steps or potential dangers to organizations are mentioned in the provided information.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35668 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options