CVE-2017-15998

{"id": "CVE-2017-15998", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-10-29T17:29:00.283", "references": [{"url": "https://1337sec.blogspot.de/2017/10/auditing-nq-contacts-backup-restore-11.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://1337sec.blogspot.de/2017/10/auditing-nq-contacts-backup-restore-11.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-327"}]}], "descriptions": [{"lang": "en", "value": "In the \"NQ Contacts Backup & Restore\" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network."}, {"lang": "es", "value": "En la aplicaci\u00f3n NQ Contacts Backup & Restore 1.1 para Android, se utiliza el cifrado DES con una clave est\u00e1tica para proteger los datos de contacto transmitidos. Esto hace que sea m\u00e1s f\u00e1cil para los atacantes remotos obtener informaci\u00f3n en texto claro rastreando la red."}], "lastModified": "2024-11-21T03:15:38.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nq:contacts_backup_\\&_restore:1.1:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "A459EF7F-A85D-4ADC-A69D-CD5582703075"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}