CVE-2022-3611

7.6HIGH

Key Information

Vendor: Lenovo
Status: App Store
Vendor: CVE Published:; 27 October 2023

Summary

An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.

Affected Version(s)

App Store < 11.8.0

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 7.5 to: 7.6 - (HIGH)
Aug 3, 2024
Vulnerability published.
Oct 27, 2023
Vulnerability Reserved.
Oct 19, 2022

Collectors

NVD DatabaseMitre Database

Credit

Lenovo thanks Yu Junfeng for reporting this issue.

.