Описание
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:skoda-auto:skoda_connect:-:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
github
около 2 лет назад
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.
EPSS
Процентиль: 20%
0.00063
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo