nvd-json-data-feeds/CVE-2022/CVE-2022-203xx/CVE-2022-20342.json

{
  "id": "CVE-2022-20342",
  "sourceIdentifier": "security@android.com",
  "published": "2022-08-12T15:15:13.150",
  "lastModified": "2022-08-16T10:47:38.337",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-143534321"
    },
    {
      "lang": "es",
      "value": "En WiFi, se presenta una posible divulgaci\u00f3n de la contrase\u00f1a de WiFi al usuario final debido a un valor por defecto no seguro. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: Android-13, ID de Android: A-143534321"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "baseSeverity": "LOW"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-1188"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://source.android.com/security/bulletin/android-13",
      "source": "security@android.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}