CVE-2023-29722

{"id": "CVE-2023-29722", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2023-06-01T21:15:09.360", "references": [{"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29722/CVE%20detail.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized apps to actively request permission to modify data in the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the app is opened. An attacker could tamper with this data to cause an escalation of privilege attack."}, {"lang": "es", "value": "La aplicaci\u00f3n Glitter Unicorn Wallpaper para Android 7.0 a 8.0 permite a aplicaciones no autorizadas solicitar activamente permiso para modificar datos en la base de datos que registra informaci\u00f3n sobre las preferencias personales de un usuario y que se cargar\u00e1 en la memoria para ser le\u00edda y utilizada cuando se abra la aplicaci\u00f3n. Un atacante podr\u00eda manipular estos datos para provocar un ataque de escalada de privilegios. "}], "lastModified": "2023-06-08T02:19:29.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:glitter_unicorn_wallpaper_project:glitter_unicorn_wallpaper:*:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "FC799109-5C8E-47F4-94E4-F2F26DC99AD7", "versionEndIncluding": "8.0", "versionStartIncluding": "7.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}