CVE-2017-13227

Medium CVSS 5.5

Overview

In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE: N/A Published: 2024-11-14T23:15:05.013

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.5 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags