{"containers":{"cna":{"affected":[{"product":"Samsung Members","vendor":"Samsung Mobile","versions":[{"lessThan":"2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above","status":"affected","version":"-","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview."}],"metrics":[{"other":{"content":{"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},"type":"unknown"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-284","description":"CWE-284 Improper Access Control","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-07-08T13:47:58.000Z","orgId":"3af57064-a867-422c-b2ad-40307b65c458","shortName":"Samsung Mobile"},"references":[{"tags":["x_refsource_MISC"],"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7"}],"source":{"discovery":"UNKNOWN"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"mobile.security@samsung.com","ID":"CVE-2021-25439","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Samsung Members","version":{"version_data":[{"version_affected":"<","version_name":"-","version_value":"2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above"}]}}]},"vendor_name":"Samsung Mobile"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview."}]},"impact":{"cvss":{"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-284 Improper Access Control"}]}]},"references":{"reference_data":[{"name":"https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7","refsource":"MISC","url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T20:03:05.537Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7"}]}]},"cveMetadata":{"assignerOrgId":"3af57064-a867-422c-b2ad-40307b65c458","assignerShortName":"Samsung Mobile","cveId":"CVE-2021-25439","datePublished":"2021-07-08T13:47:58.000Z","dateReserved":"2021-01-19T00:00:00.000Z","dateUpdated":"2024-08-03T20:03:05.537Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}