Lucene search

MitreCVE-2004-2626

HistoryDec 04, 2005 - 10:00 p.m.

CVE-2004-2626

2005-12-0422:00:00

mitre

web.nvd.nist.gov

vulnerability

siemens

s55

sms

java api

remote attacks

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.021

Percentile

89.1%

JSON

GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.

Affected configurations

Nvd

Node

siemenss55Match09.2179

VendorProductVersionCPE
siemenss5509.2179cpe:2.3:h:siemens:s55:09.2179:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	s55	09.2179	cpe:2.3:h:siemens:s55:09.2179:::::::*

References

marc.info/?l=full-disclosure&m=108308895624565&w=2

marc.info/?l=full-disclosure&m=108325033624812&w=2

secunia.com/advisories/11492

securitytracker.com/alerts/2004/Apr/1009959.html

www.osvdb.org/5703

www.securityfocus.com/bid/10227

exchange.xforce.ibmcloud.com/vulnerabilities/15995

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.021

Percentile

89.1%

JSON

Related for CVE-2004-2626