CVE-2015-8269

Опубликовано: 04 фев. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 6.5

EPSS Низкий

Описание

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

Ссылки

https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
https://www.kb.cert.org/vuls/id/719736
US Government Resource
https://www.kb.cert.org/vuls/id/GWAN-A6LPPW
US Government Resource
https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
https://www.kb.cert.org/vuls/id/719736
US Government Resource
https://www.kb.cert.org/vuls/id/GWAN-A6LPPW
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:fisher-price:smart_toy_bear:*:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00791

Низкий

7.5 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-7xv5-5f2f-vfq3