Lucene search

[email protected]CVE-2012-4918

HistoryJan 22, 2013 - 11:55 p.m.

CVE-2012-4918

2013-01-2223:55:02

CWE-20

[email protected]

web.nvd.nist.gov

cve-2012-4918

call of duty elite

ios

ssl certificate

validation

security

vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.4%

JSON

Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack.

Affected configurations

NVD

Node

activisioncall_of_duty_eliteMatch2.0.1-iphone_os

CPENameOperatorVersion
activision:call_of_duty_eliteactivision call of duty eliteeq2.0.1

CPE	Name	Operator	Version
activision:call_of_duty_elite	activision call of duty elite	eq	2.0.1

References

osvdb.org/89070

secunia.com/advisories/51366

www.securityfocus.com/bid/57225

exchange.xforce.ibmcloud.com/vulnerabilities/81116

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.4%

JSON

Related for CVE-2012-4918

cvelist1 nvd1 prion1