cvelist/2021/35xxx/CVE-2021-35079.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2021-35079", 
      "STATE": "PUBLIC"
   }, 
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", 
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8053, AQT1000, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCM4290, QCS4290, QCS603, QCS605, Qualcomm215, SD460, SD480, SD662, SD680, SD690 5G, SD695, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDXR2 5G, SM7250P, SM7325P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
         }
      ]
   }, 
   "impact": {
      "cvss": {
         "baseScore": 6.2, 
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 
         "version": "3.1"
      }
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Permissions, Privileges and Access Controls in Telephony"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin", 
            "refsource": "CONFIRM", 
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
         }
      ]
   }
}