CVE-2013-10001 Vulnerability Details

  /     /     /  

CVE-2013-10001 Metadata Quick Info

CVE Published: 17/05/2022 | CVE Updated: 06/08/2024 | CVE Year: 2013
Source: VulDB | Vendor: HTC | Product: One
Status : PUBLISHED

---

CVE-2013-10001 Description

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.

Metrics

CVSS Version: 3.1 | Base Score: 4.8 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* LOW
    Availability Impact (A)* NONE

Weakness Enumeration (CWE)

CWE-ID: CWE-295
CWE Name: CWE-295 Improper Certificate Validation
Source: HTC

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).