cvelist/2024/49xxx/CVE-2024-49421.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-49421",
        "ASSIGNER": "mobile.security@samsung.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (&#39;Path Traversal&#39;)"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Samsung Mobile",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Quick Share Agent",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "status": "unaffected",
                                                        "version": "3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14"
                                                    }
                                                ],
                                                "defaultStatus": "affected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12",
                "refsource": "MISC",
                "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12"
            }
        ]
    },
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "attackVector": "ADJACENT_NETWORK",
                "attackComplexity": "LOW",
                "privilegesRequired": "NONE",
                "userInteraction": "NONE",
                "scope": "UNCHANGED",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "availabilityImpact": "NONE",
                "baseSeverity": "MEDIUM",
                "baseScore": 4.3,
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
            }
        ]
    }
}
"-Synchronized-Data." 2024-10-15 06:00:37 +00:00			`{`
"-Synchronized-Data." 2024-12-03 06:00:36 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-10-15 06:00:37 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-49421",`
"-Synchronized-Data." 2024-12-03 06:00:36 +00:00			`"ASSIGNER": "mobile.security@samsung.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-10-15 06:00:37 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-12-03 06:00:36 +00:00			`"value": "Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Samsung Mobile",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Quick Share Agent",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"versions": [`
			`{`
			`"status": "unaffected",`
			`"version": "3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14"`
			`}`
			`],`
			`"defaultStatus": "affected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12",`
			`"refsource": "MISC",`
			`"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12"`
			`}`
			`]`
			`},`
			`"impact": {`
			`"cvss": [`
			`{`
			`"version": "3.1",`
			`"attackVector": "ADJACENT_NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "LOW",`
			`"availabilityImpact": "NONE",`
			`"baseSeverity": "MEDIUM",`
			`"baseScore": 4.3,`
			`"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"`
"-Synchronized-Data." 2024-10-15 06:00:37 +00:00			`}`
			`]`
			`}`
			`}`