Lucene search

[email protected]CVE-2012-5696

HistoryOct 20, 2014 - 4:55 p.m.

CVE-2012-5696

2014-10-2016:55:00

CWE-264

[email protected]

web.nvd.nist.gov

bulb security

smartphone pentest framework

spf

cve-2012-5696

security vulnerability

8.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON

Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

CPENameOperatorVersion
bulbsecurity:smartphone_pentest_frameworkbulbsecurity smartphone pentest frameworkle0.1.2

CPE	Name	Operator	Version
bulbsecurity:smartphone_pentest_framework	bulbsecurity smartphone pentest framework	le	0.1.2

References

twitter.com/georgiaweidman/statuses/269138431567855618

www.htbridge.com/advisory/HTB23123

8.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON

Related for CVE-2012-5696

prion1 securityvulns2 htbridge1