5 matches found
EUVD-2023-32520
Malicious code in bioql PyPI...
CVE-2023-28900
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28901 Trip Data Disclosure from Backend
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number...
CVE-2023-28900
Summary (CVE-2023-28900) : The Skoda Automotive cloud backend (Skoda Connect service) is affected by a Broken Access Control vulnerability that allows disclosure of nicknames and other user identifiers by supplying an arbitrary vehicle VIN number. The root cause is improper access control on the ...
CVE-2023-28900 Nickname Disclosure on the Backend Automotive Server
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number...