Lucene search
HistoryDec 12, 2013 - 5:55 p.m.
CVE-2013-6986
information security
zippyyum
subway
ca kiosk
app
ios
sqlite
cleartext storage
sensitive information
data breach
password security
nvd
cve-2013-6986
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
43.4%
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zippyyum:subway_ordering_for_california | zippyyum subway ordering for california | eq | 3.4 |
Related
securityvulns
securityvulns
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
2013-12-30 00:00:00
Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities
2013-12-30 00:00:00
iOS applications multiple seucrity vulnereabilities
2013-12-30 00:00:00
packetstorm
packetstorm
ZippyYum 3.4 Insecure Data Storage
2013-12-08 00:00:00
prion
prion
Design/Logic Flaw
2013-12-12 17:55:00
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
43.4%
Related for CVE-2013-6986