mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-29 01:31:47 +00:00
83 lines
2.6 KiB
JSON
83 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cert@cert.org",
|
|
"ID": "CVE-2016-6542",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "The MAC address/device tracking ID of an iTrack Easy can be obtained within range of the device"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Easy",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"affected": "?",
|
|
"version_value": "N/A"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "iTrack"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"credit": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
|
|
}
|
|
],
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The iTrack device tracking ID number, also called \"LosserID\" in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device's BLE MAC address."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-200: Information Exposure"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "VU#974055",
|
|
"refsource": "CERT-VN",
|
|
"url": "https://www.kb.cert.org/vuls/id/974055"
|
|
},
|
|
{
|
|
"name": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/",
|
|
"refsource": "MISC",
|
|
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
|
|
},
|
|
{
|
|
"name": "93875",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/93875"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
}
|
|
} |