CVE-2015-4494

CWE-200Information Exposure3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 50.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox OS
Timeline
PublishedAug 8
Latest updateMay 17

Description

Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5qxw-j77f-h5wp: Mozilla Firefox OS before 22022-05-17
CVEList
CVE-2015-4494: Mozilla Firefox OS before 22015-08-08
CVE-2015-4494 (MEDIUM CVSS 4.3) | Mozilla Firefox OS before 2.2 does | cvebase.io