5.9

CVE-2013-10001

HTC One/Sense Mail Client certificate validation

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HtcMail Version5.2.2222282614.528614.528614
   HtcSdk Api Version4.25
   HtcOne Sv Version4.0.4 SwPlatformandroid
   HtcSense Version4.1
HtcMail Version5.5.550363
   HtcSdk Api Version4.63
   HtcOne X Version4.1.1 SwPlatformandroid
   HtcSense Version4+
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.5
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
cna@vuldb.com 4.8 2.2 2.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

https://vuldb.com/?id.8900
Third Party Advisory
Permissions Required