Lucene search
HistoryApr 15, 2014 - 10:55 a.m.
CVE-2014-0357
amtelco
misecuremessages
remote attackers
xml request
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.9%
Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request from the iOS or Android application.
Affected configurations
Node
amtelcomisecuremessagesMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| amtelco:misecuremessages | amtelco misecuremessages | eq | - |
Related
seebug
seebug
Amtelco miSecureMessages未授权访问漏洞
2014-04-16 00:00:00
Amtelco miSecureMessages未授权访问漏洞
2014-04-16 00:00:00
prion
prion
Design/Logic Flaw
2014-04-15 10:55:00
cert
cert
AMTELCO miSecureMessages Server insecurely authenticates clients
2014-04-11 00:00:00
cvelist
cvelist
CVE-2014-0357
2014-04-15 10:00:00
nvd
nvd
CVE-2014-0357
2014-04-15 10:55:12
ics
ics
AMTELCO miSecure Vulnerabilities
2014-05-01 12:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.9%
Related for CVE-2014-0357