Описание
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- MitigationThird Party Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ieasytec:itrack_easy:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00867
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-799
CWE-284
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.
EPSS
Процентиль: 75%
0.00867
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-799
CWE-284