Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for app_store_app by lenovo
CVE-2022-3611 (GCVE-0-2022-3611)
Vulnerability from nvd – Published: 2023-10-27 19:05 – Updated: 2024-09-09 19:46
VLAI?
Summary
An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.
Severity ?
7.6 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:02.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/205280.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T19:46:40.835539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T19:46:50.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "App Store",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "11.8.0",
"status": "affected",
"version": " ",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Yu Junfeng for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications."
}
],
"value": "An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-27T19:05:01.038Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/205280.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the Lenovo App Store to version 11.8.0 or higher. "
}
],
"value": "Update the Lenovo App Store to version 11.8.0 or higher. "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-3611",
"datePublished": "2023-10-27T19:05:01.038Z",
"dateReserved": "2022-10-19T19:42:56.652Z",
"dateUpdated": "2024-09-09T19:46:50.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3611 (GCVE-0-2022-3611)
Vulnerability from cvelistv5 – Published: 2023-10-27 19:05 – Updated: 2024-09-09 19:46
VLAI?
Summary
An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.
Severity ?
7.6 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:02.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/205280.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T19:46:40.835539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T19:46:50.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "App Store",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "11.8.0",
"status": "affected",
"version": " ",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Yu Junfeng for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications."
}
],
"value": "An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-27T19:05:01.038Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/205280.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the Lenovo App Store to version 11.8.0 or higher. "
}
],
"value": "Update the Lenovo App Store to version 11.8.0 or higher. "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-3611",
"datePublished": "2023-10-27T19:05:01.038Z",
"dateReserved": "2022-10-19T19:42:56.652Z",
"dateUpdated": "2024-09-09T19:46:50.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}