CVE-2022-3611: Infoleak
First published: Fri Oct 27 2023(Updated: )
An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo App Store App | <11.8.0 |
Remedy
Update the Lenovo App Store to version 11.8.0 or higher.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this information disclosure vulnerability in the Lenovo App Store?
The vulnerability ID for this information disclosure vulnerability in the Lenovo App Store is CVE-2022-3611.
What is the severity of CVE-2022-3611?
The severity of CVE-2022-3611 is high, with a CVSS score of 7.6.
What is the affected software?
The affected software is the Lenovo App Store App up to version 11.8.0.
What is the impact of this vulnerability?
This vulnerability may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.
Is there a fix for CVE-2022-3611?
Please refer to the official Lenovo advisory linked in the references for information on available fixes or mitigations.
- collector/nvd-api
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/lenovo
- canonical/lenovo app store app