Lucene search

[email protected]CVE-2010-2913

HistoryJul 30, 2010 - 1:26 p.m.

CVE-2010-2913

2010-07-3013:26:18

CWE-200

[email protected]

web.nvd.nist.gov

citibank

citi mobile

ios

security vulnerability

account data

sensitive information

data storage

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer.

Affected configurations

NVD

Node

citibankciti_mobileRange≤2.0.2

AND

appleiphone_os

CPENameOperatorVersion
citibank:citi_mobilecitibank citi mobilele2.0.2

CPE	Name	Operator	Version
citibank:citi_mobile	citibank citi mobile	le	2.0.2

References

itunes.apple.com/us/app/citi-mobile-sm/id301724680

news.cnet.com/8301-27080_3-20011664-245.html

securitytracker.com/id?1024249

exchange.xforce.ibmcloud.com/vulnerabilities/60855

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-2913

prion1 nvd1 cvelist1