Lucene search

[email protected]CVE-2014-8757

HistoryFeb 17, 2015 - 3:59 p.m.

CVE-2014-8757

2015-02-1715:59:00

CWE-284

[email protected]

web.nvd.nist.gov

cve-2014-8757

on-screen phone

osp

authorization bypass

remote attackers

6.8 Medium

AI Score

Confidence

Low

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.1%

JSON

LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to bypass authorization via a crafted request.

CPENameOperatorVersion
lg:on-screen_phonelg on-screen phonele4.3.009

CPE	Name	Operator	Version
lg:on-screen_phone	lg on-screen phone	le	4.3.009

References

packetstormsecurity.com/files/130286/LG-On-Screen-Phone-Authentication-Bypass.html

seclists.org/fulldisclosure/2015/Feb/26

www.securityfocus.com/archive/1/534643/100/0/threaded

www.securityfocus.com/bid/72535

www.securityfocus.com/bid/72544

exchange.xforce.ibmcloud.com/vulnerabilities/100733

6.8 Medium

AI Score

Confidence

Low

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2014-8757

securityvulns2 cvelist1 prion1