CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-4877

The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not use CAVE authentication, which makes it easier for remote attackers to obtain ESN and MIN values from arbitrary phones, and conduct cloning attacks, by sniffing the network for registration packets.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.0%

CVSS Severity

CVSS v2 Score 2.6

References

http://www.kb.cert.org/vuls/id/458007
http://www.kb.cert.org/vuls/id/BLUU-997M5B
http://www.securityfocus.com/bid/61169
http://www.kb.cert.org/vuls/id/458007
http://www.kb.cert.org/vuls/id/BLUU-997M5B
http://www.securityfocus.com/bid/61169

Products affected by CVE-2013-4877

Verizon » Wireless Network Extender » Version: scs-26uc4

cpe:2.3:h:verizon:wireless_network_extender:scs-26uc4
Verizon » Wireless Network Extender » Version: scs-2u01

cpe:2.3:h:verizon:wireless_network_extender:scs-2u01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-4877

Products

Pricing

Contact Us