Lucene search
CertccCVELIST:CVE-2016-6540HistoryJul 06, 2018 - 9:00 p.m.
CVE-2016-6540 TrackR Bravo is missing authentication for the cloud service and allows querying or sending of GPS data from unauthenticated users
2018-07-0621:00:00
CWE-306
certcc
www.cve.org
Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.
CNA Affected
[
{
"platforms": [
"iOS"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "5.1.6"
}
]
},
{
"platforms": [
"Android"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "2.2.5"
}
]
}
]Related
cert
cert
TrackR Bravo contains multiple vulnerabilities
2016-10-25 00:00:00
cve
cve
nvd
nvd
prion
prion
Improper access control
2018-07-06 21:29:00
Code injection
2018-07-06 21:29:00
Code injection
2018-07-06 21:29:00
cvelist
cvelist
securelist
securelist
I know where your pet is
2018-05-22 10:00:52