CVE-2016-6542

Опубликовано: 13 июл. 2018

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device's BLE MAC address.

Ссылки

http://www.securityfocus.com/bid/93875
Third Party Advisory
VDB Entry
https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/
Mitigation
https://www.kb.cert.org/vuls/id/974055
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/93875
Third Party Advisory
VDB Entry
https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/
Mitigation
https://www.kb.cert.org/vuls/id/974055
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ieasytec:itrackeasy:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00362

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

CWE-20

Связанные уязвимости

GHSA-xhgf-3v3f-px6x