CVE-2022-27875

5.5MEDIUM

Key Information:

Vendor: F5
Status: F5 Access For Android
Vendor: CVE Published:; 5 May 2022

Summary

On F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Affected Version(s)

F5 Access for Android 3.x < 3.0.8

References

https://support.f5.com/csp/article/K40019131

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 5, 2022
Vulnerability Reserved
Apr 19, 2022

Credit

F5 acknowledges Sheikh Rishad for bringing this issue to our attention and following the highest standards of coordinated disclosure.