CVE-2015-8512Improper Access Control in Mozilla Firefox OS

CWE-284Improper Access Control3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 77.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox OS
Timeline
PublishedJan 9
Latest updateMay 17

Description

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qv23-wcfr-rq9h: The lockscreen feature in Mozilla Firefox OS before 22022-05-17
CVEList
CVE-2015-8512: The lockscreen feature in Mozilla Firefox OS before 22016-01-09
CVE-2015-8512 — Improper Access Control in Mozilla | cvebase