CVE-2012-2567

EPSS 0.65%
Published 22.05.2012 15:55:02
Last modified 11.04.2025 00:51:21
Source cret@cert.org
Teams watchlist Login
Open Login

The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP session.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Xelex ≫ Mobiletrack Version <= 2.3.7

Google ≫ Android

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.65%	0.685

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

http://blog.mobiledefense.com/2012/05/mobile-defense-finds-two-security-vulnerabilities-in-xelex-mobiletrack/

http://secunia.com/advisories/49268

http://www.kb.cert.org/vuls/id/464683

US Government Resource

http://www.securityfocus.com/bid/53634

https://exchange.xforce.ibmcloud.com/vulnerabilities/75783

https://nvd.nist.gov/vuln/detail/CVE-2012-2567

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2567

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2567

EUVD