Lucene search

[email protected]NVD:CVE-2014-6602

HistorySep 22, 2014 - 1:55 a.m.

CVE-2014-6602

2014-09-2201:55:06

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

20.2%

JSON

Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option.

Affected configurations

Nvd

Node

microsoftnokia_asha_501_softwareMatch14.0.4

AND

microsoftnokia_asha_501Match-

VendorProductVersionCPE
microsoftnokia_asha_501_software14.0.4cpe:2.3:a:microsoft:nokia_asha_501_software:14.0.4:*:*:*:*:*:*:*
microsoftnokia_asha_501-cpe:2.3:h:microsoft:nokia_asha_501:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	nokia_asha_501_software	14.0.4	cpe:2.3:a:microsoft:nokia_asha_501_software:14.0.4:::::::*
microsoft	nokia_asha_501	-	cpe:2.3:h:microsoft:nokia_asha_501:-:::::::*

References

packetstormsecurity.com/files/128320/Nokia-Asha-501-Lock-Bypass.html

exchange.xforce.ibmcloud.com/vulnerabilities/96195

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

20.2%

JSON

Related for NVD:CVE-2014-6602

prion1 cvelist1 cve1