Lucene search

CVE-2016-6545

🗓️ 13 Jul 2018 20:00:29Reported by certccType

Session cookies not used for maintaining sessions in iTrack Easy. User password passed as base64 encoded field over HTTPS

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2016-6545 iTrack Easy does not use session cookies to maintain sessions and POSTs the users password over HTTPS for each request	13 Jul 201820:00	–	cvelist
NVD	CVE-2016-6545	13 Jul 201820:29	–	nvd
Prion	Design/Logic Flaw	13 Jul 201820:29	–	prion
CERT	iTrack Easy contains multiple vulnerabilities	25 Oct 201600:00	–	cert

Nvd

Node

ieasytec itrackeasyMatch-

[
  {
    "product": "Easy",
    "vendor": "iTrack",
    "versions": [
      {
        "status": "unknown",
        "version": "N/A"
      }
    ]
  }
]

Source	Link
blog	www.blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/
kb	www.kb.cert.org/vuls/id/974055
securityfocus	www.securityfocus.com/bid/93875

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2018 20:29Current

9.6High risk

Vulners AI Score9.6

CVSS25

CVSS39.8

EPSS0.00564