Lucene search
MitreCVE-2013-6986HistoryDec 12, 2013 - 5:55 p.m.
CVE-2013-6986
2013-12-1217:55:03
CWE-310
mitre
web.nvd.nist.gov
24
information security
zippyyum
subway
ca kiosk
app
ios
sqlite
cleartext storage
sensitive information
data breach
password security
nvd
cve-2013-6986
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.001
Percentile
44.0%
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.
Affected configurations
Node
zippyyumsubway_ordering_for_californiaMatch3.4---iphone_os
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zippyyum | subway_ordering_for_california | 3.4 | cpe:2.3:a:zippyyum:subway_ordering_for_california:3.4:-:-:*:-:iphone_os:*:* |
Related
nvd
nvd
CVE-2013-6986
2013-12-12 17:55:03
prion
prion
Design/Logic Flaw
2013-12-12 17:55:00
cvelist
cvelist
CVE-2013-6986
2013-12-12 17:00:00
packetstorm
packetstorm
ZippyYum 3.4 Insecure Data Storage
2013-12-08 00:00:00
securityvulns
securityvulns
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
2013-12-30 00:00:00
Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities
2013-12-30 00:00:00
iOS applications multiple seucrity vulnereabilities
2013-12-30 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.001
Percentile
44.0%
Related for CVE-2013-6986