{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T13:56:20.182","vulnerabilities":[{"cve":{"id":"CVE-2018-9489","sourceIdentifier":"security@android.com","published":"2018-11-06T17:29:01.473","lastModified":"2024-11-21T04:15:34.530","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-77286245."},{"lang":"es","value":"Cuando WiFi está habilitado, la función sendNetworkStateChangeBroadcast de WifiStateMachine.java transmite un intent que incluye información detallada de la red WiFi. Esto podría llevar a una divulgación de información sin necesitar privilegios de ejecución. No se necesita interacción del usuario para explotarlo. Producto: Versiones de Android: Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9.0. Android ID: A-77286245."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","matchCriteriaId":"09E6085C-A61E-4A89-BF80-EDD9A7DF1E47"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"D835D592-2423-44C6-804A-3AD010112E7C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","matchCriteriaId":"568E2561-A068-46A2-B331-BBA91FC96F0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","matchCriteriaId":"B578E383-0D77-4AC7-9C81-3F0B8C18E033"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","matchCriteriaId":"B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","matchCriteriaId":"8DFAAD08-36DA-4C95-8200-C29FE5B6B854"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1041590","source":"security@android.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489/","source":"security@android.com","tags":["Mitigation","Third Party Advisory"]},{"url":"http://www.securitytracker.com/id/1041590","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]}]}}]}