FKIE_CVE-2016-0831

Vulnerability from fkie_nvd - Published: 2016-03-12 21:59 - Updated: 2025-04-12 10:46
Severity ?
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25778215.
References
security@android.comhttp://source.android.com/security/bulletin/2016-03-01.htmlVendor Advisory
security@android.comhttp://www.securityfocus.com/bid/84266
security@android.comhttps://android.googlesource.com/platform/frameworks/opt/telephony/+/79eecef63f3ea99688333c19e22813f54d4a31b1
af854a3a-2127-422b-91ae-364da2661108http://source.android.com/security/bulletin/2016-03-01.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/84266
af854a3a-2127-422b-91ae-364da2661108https://android.googlesource.com/platform/frameworks/opt/telephony/+/79eecef63f3ea99688333c19e22813f54d4a31b1
Impacted products
Vendor Product Version
google android 5.0
google android 5.0.1
google android 5.0.2
google android 5.1
google android 5.1.0
google android 5.1.1
google android 6.0
google android 6.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77125688-2CCA-4990-ABB2-551D47CB0CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B846C63A-7261-481E-B4A4-0D8C79E0D8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25778215."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n getDeviceIdForPhone en internal/telephony/PhoneSubInfoController.java en Telephony en Android 5.x en versiones anteriores a 5.1.1 LMY49H y 6.x en versiones anteriores a 2016-03-01 no comprueba los permisos para el READ_PHONE_STATE, lo que permite a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocida como error interno 25778215."
    }
  ],
  "id": "CVE-2016-0831",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-03-12T21:59:15.947",
  "references": [
    {
      "source": "security@android.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://source.android.com/security/bulletin/2016-03-01.html"
    },
    {
      "source": "security@android.com",
      "url": "http://www.securityfocus.com/bid/84266"
    },
    {
      "source": "security@android.com",
      "url": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/79eecef63f3ea99688333c19e22813f54d4a31b1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://source.android.com/security/bulletin/2016-03-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/84266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/79eecef63f3ea99688333c19e22813f54d4a31b1"
    }
  ],
  "sourceIdentifier": "security@android.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.