CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1835

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.2%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 2.6

References

Products affected by CVE-2015-1835

Apache » Cordova » Version: 0.9.0

cpe:2.3:a:apache:cordova:0.9.0
Apache » Cordova » Version: 0.9.1

cpe:2.3:a:apache:cordova:0.9.1
Apache » Cordova » Version: 0.9.2

cpe:2.3:a:apache:cordova:0.9.2
Apache » Cordova » Version: 0.9.3

cpe:2.3:a:apache:cordova:0.9.3
Apache » Cordova » Version: 0.9.4

cpe:2.3:a:apache:cordova:0.9.4
Apache » Cordova » Version: 0.9.5

cpe:2.3:a:apache:cordova:0.9.5
Apache » Cordova » Version: 0.9.5.1

cpe:2.3:a:apache:cordova:0.9.5.1
Apache » Cordova » Version: 0.9.6

cpe:2.3:a:apache:cordova:0.9.6
Apache » Cordova » Version: 0.9.6.1

cpe:2.3:a:apache:cordova:0.9.6.1
Apache » Cordova » Version: 1.0.0

cpe:2.3:a:apache:cordova:1.0.0
Apache » Cordova » Version: 1.1.0

cpe:2.3:a:apache:cordova:1.1.0
Apache » Cordova » Version: 1.2.0

cpe:2.3:a:apache:cordova:1.2.0
Apache » Cordova » Version: 1.3.0

cpe:2.3:a:apache:cordova:1.3.0
Apache » Cordova » Version: 1.4.0

cpe:2.3:a:apache:cordova:1.4.0
Apache » Cordova » Version: 1.4.1

cpe:2.3:a:apache:cordova:1.4.1
Apache » Cordova » Version: 1.5.0

cpe:2.3:a:apache:cordova:1.5.0
Apache » Cordova » Version: 1.6.0

cpe:2.3:a:apache:cordova:1.6.0
Apache » Cordova » Version: 1.6.1

cpe:2.3:a:apache:cordova:1.6.1
Apache » Cordova » Version: 1.7.0

cpe:2.3:a:apache:cordova:1.7.0
Apache » Cordova » Version: 1.8.0

cpe:2.3:a:apache:cordova:1.8.0
Apache » Cordova » Version: 1.8.1

cpe:2.3:a:apache:cordova:1.8.1
Apache » Cordova » Version: 1.9.0

cpe:2.3:a:apache:cordova:1.9.0
Apache » Cordova » Version: 2.0.0

cpe:2.3:a:apache:cordova:2.0.0
Apache » Cordova » Version: 2.1.0

cpe:2.3:a:apache:cordova:2.1.0
Apache » Cordova » Version: 2.2.0

cpe:2.3:a:apache:cordova:2.2.0
Apache » Cordova » Version: 2.3.0

cpe:2.3:a:apache:cordova:2.3.0
Apache » Cordova » Version: 2.4.0

cpe:2.3:a:apache:cordova:2.4.0
Apache » Cordova » Version: 2.5.0

cpe:2.3:a:apache:cordova:2.5.0
Apache » Cordova » Version: 2.6.0

cpe:2.3:a:apache:cordova:2.6.0
Apache » Cordova » Version: 2.7.0

cpe:2.3:a:apache:cordova:2.7.0
Apache » Cordova » Version: 2.8.0

cpe:2.3:a:apache:cordova:2.8.0
Apache » Cordova » Version: 2.8.1

cpe:2.3:a:apache:cordova:2.8.1
Apache » Cordova » Version: 2.9.0

cpe:2.3:a:apache:cordova:2.9.0
Apache » Cordova » Version: 2.9.1

cpe:2.3:a:apache:cordova:2.9.1
Apache » Cordova » Version: 3.0.0

cpe:2.3:a:apache:cordova:3.0.0
Apache » Cordova » Version: 3.1.0

cpe:2.3:a:apache:cordova:3.1.0
Apache » Cordova » Version: 3.2.0

cpe:2.3:a:apache:cordova:3.2.0
Apache » Cordova » Version: 3.3.0

cpe:2.3:a:apache:cordova:3.3.0
Apache » Cordova » Version: 3.4.0

cpe:2.3:a:apache:cordova:3.4.0
Apache » Cordova » Version: 3.5.0

cpe:2.3:a:apache:cordova:3.5.0
Apache » Cordova » Version: 3.5.1

cpe:2.3:a:apache:cordova:3.5.1
Apache » Cordova » Version: 3.6.0

cpe:2.3:a:apache:cordova:3.6.0
Apache » Cordova » Version: 3.6.1

cpe:2.3:a:apache:cordova:3.6.1
Apache » Cordova » Version: 3.6.3

cpe:2.3:a:apache:cordova:3.6.3
Apache » Cordova » Version: 3.6.4

cpe:2.3:a:apache:cordova:3.6.4
Apache » Cordova » Version: 3.7.0

cpe:2.3:a:apache:cordova:3.7.0
Apache » Cordova » Version: 3.7.1

cpe:2.3:a:apache:cordova:3.7.1
Apache » Cordova » Version: 4.0.0

cpe:2.3:a:apache:cordova:4.0.0
Apache » Cordova » Version: 4.0.1

cpe:2.3:a:apache:cordova:4.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1835

Products

Pricing

Contact Us