CVE-2023-21384Detail
This CVE record was updated after NVD enrichment efforts were completed. The enrichment data provided by the NVD may require modification due to these changes.
Description
In Package Manager, there is a possible permission bypass due to an insecure PendingIntent. This could lead to local information disclosure with the necessary user execution privileges. User interaction is not required for operation.
Metric
NVD enrichment efforts refer to publicly available information to associate vector strings. CVSS information provided by other sources is also displayed.
References to advice, solutions and tools
By selecting these links, you will leave the NIST web space. We have provided these links to other websites because they may contain information that may be of interest to you. No inference should be drawn from whether or not other sites are referenced from this page. There may be other websites better suited to your needs. NIST does not necessarily endorse the opinions expressed or the facts presented on these sites. Additionally, NIST does not endorse any commercial products that may be mentioned on these sites. Please direct your comments on this page to [email protected].
List of weaknesses
| ID CWE | CWE Name | Source |
|---|---|---|
|
NVD-CWE-noinfo |
Insufficient information |
NIST |
Quick information
CVE dictionary entry:
CVE-2023-21384
NVD publication date:
10/30/2023
NVD Last modification:
11/21/2024
Source:
Android (associated with Google Inc. or Open Handset Alliance)
