Vulnerability Details CVE-2013-6986
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.0%
CVSS Severity
CVSS v2 Score 2.1
References
- http://archives.neohapsis.com/archives/bugtraq/2013-12/0040.html
- http://osvdb.org/100745
- http://packetstormsecurity.com/files/124330/ZippyYum-3.4-Insecure-Data-Storage.html
- http://seclists.org/fulldisclosure/2013/Dec/39
- http://archives.neohapsis.com/archives/bugtraq/2013-12/0040.html
- http://osvdb.org/100745
- http://packetstormsecurity.com/files/124330/ZippyYum-3.4-Insecure-Data-Storage.html
- http://seclists.org/fulldisclosure/2013/Dec/39
Products affected by CVE-2013-6986
-
cpe:2.3:a:zippyyum:subway_ordering_for_california:3.4