exploitDog

GHSA-j52v-4v3v-rm83

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25624963.

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25624963.

Ссылки

EPSS

Процентиль: 32%

0.00127

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-3897

CVSS3: 5.5

ubuntu

больше 9 лет назад

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25624963.

CVE-2016-3897

CVSS3: 5.5

nvd

больше 9 лет назад

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25624963.

EPSS

Процентиль: 32%

0.00127

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200