Exposure of Resource to Wrong Sphere

CVE-2022-4903

High

8.1/10

Summary

A vulnerability was found in CodenameOne versions prior to 7.0.71. It has been classified as problematic. Affected is an unknown function. The manipulation leads to the use of implicit intent for sensitive communication. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. It is recommended to upgrade the affected component. VDB-220470 is the identifier assigned to this vulnerability.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References

Advisory
Issue
Other

Advisory Timeline

Published Feb 10, 2023

Exposure of Resource to Wrong Sphere

CVE-2022-4903

Summary

CWE-668 - Exposure of Resource to Wrong Sphere

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS