Lucene search

FlexeraCVE-2012-4918

HistoryJan 22, 2013 - 11:55 p.m.

CVE-2012-4918

2013-01-2223:55:02

CWE-20

flexera

web.nvd.nist.gov

cve-2012-4918

call of duty elite

ios

ssl certificate

validation

security

vulnerability

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.002

Percentile

59.3%

JSON

Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack.

Affected configurations

Nvd

Node

activisioncall_of_duty_eliteMatch2.0.1-iphone_os

VendorProductVersionCPE
activisioncall_of_duty_elite2.0.1cpe:2.3:a:activision:call_of_duty_elite:2.0.1:-:*:*:*:iphone_os:*:*

Vendor	Product	Version	CPE
activision	call_of_duty_elite	2.0.1	cpe:2.3:a:activision:call_of_duty_elite:2.0.1:-::::iphone_os::*

References

osvdb.org/89070

secunia.com/advisories/51366

www.securityfocus.com/bid/57225

exchange.xforce.ibmcloud.com/vulnerabilities/81116

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.002

Percentile

59.3%

JSON

Related for CVE-2012-4918