- Description
- The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-310
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zippyyum:subway_ordering_for_california:3.4:-:-:*:-:iphone_os:*:*",
"vulnerable": true,
"matchCriteriaId": "07807358-47D8-400B-A05D-A9B3D495B4EC"
}
],
"operator": "OR"
}
]
}
]