Lucene search
CertccCVELIST:CVE-2017-3211HistoryMay 17, 2017 - 12:00 a.m.
CVE-2017-3211 Centire Yopify leaks customer information
2017-05-1700:00:00
CWE-213
certcc
www.cve.org
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.8%
Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization.
CNA Affected
[
{
"product": "Yopify",
"vendor": "Centire",
"versions": [
{
"lessThanOrEqual": "2017-04-06",
"status": "affected",
"version": "2017-04-06",
"versionType": "custom"
}
]
}
]Related
prion
prion
Authorization
2020-01-15 17:15:00
cve
cve
CVE-2017-3211
2020-01-15 17:15:13
rapid7community
rapid7community
R7-2017-05 | CVE-2017-3211: Centire Yopify Information Disclosure
2017-06-01 20:00:49
nvd
nvd
CVE-2017-3211
2020-01-15 17:15:13
threatpost
threatpost
Privacy Issue Fixed in Yopify Ecommerce Notification Plugin
2017-05-31 09:05:26
rapid7blog
rapid7blog
Primary Arms PII Disclosure via IDOR (FIXED)
2022-08-02 15:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.8%
Related for CVELIST:CVE-2017-3211