ID |
CVE-2013-6986
|
Summary |
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 2.1 (as of 20-12-2013 - 04:38) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-310 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
refmap
via4
|
|
Last major update |
20-12-2013 - 04:38 |
Published |
12-12-2013 - 17:55 |
Last modified |
20-12-2013 - 04:38 |