CVE-2024-45240 Vulnerability Details

  /     /     /  

CVE-2024-45240 Metadata Quick Info

CVE Published: 24/08/2024 | CVE Updated: 05/11/2024 | CVE Year: 2024
Source: mitre | Vendor: n/a | Product: n/a
Status : PUBLISHED

---

CVE-2024-45240 Description

The TikTok (aka com.zhiliaoapp.musically) application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal (in the application\'s exposed WebView). (On Android 12 and later, this is only exploitable by third-party applications.)

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).