CVE-2016-6770

LOW Year: 2016
CVSS v3 Score
3.3
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-30202228.

Related Vulnerabilities

CVE-2016-5615

LOW
CVSS:3.3(Low)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.

CWE-2842016

CVE-2017-18421

LOW
CVSS:3.3(Low)

cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).

CWE-2842017

CVE-2020-11931

LOW
CVSS:3.3(Low)

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulsea...

CWE-2842020

CVE-2020-15279

LOW
CVSS:3.3(Low)

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion ...

CWE-2842020

CVE-2021-25359

LOW
CVSS:3.3(Low)

An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.

CWE-2842021

CVE-2021-25439

LOW
CVSS:3.3(Low)

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbit...

CWE-2842021