Improper Access Control in Intel Smart Campus Android Application
CVE-2022-21157

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Smart Campus Android Application
Vendor: CVE Published:; 9 February 2022

Summary

The Intel Smart Campus Android application, prior to version 6.1, contains an improper access control vulnerability that could allow authenticated users to potentially disclose sensitive information through local access. This vulnerability necessitates immediate attention to secure user data and prevent unauthorized information retrieval.

Affected Version(s)

Intel(R) Smart Campus Android application before version 6.1

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Nov 15, 2021