CVE-2013-2310
Description
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| softbank | wi-fi_spot_configuration_software | - | |
| softbank | wi-fi_application | {"endIncluding":"1.7.0"} | |
| softbank | wisprclient | {"endIncluding":"1.3.0"} | |
| willcom-inc | wi-fi_application | {"endIncluding":"1.7.0"} | |
References
- http://jvn.jp/en/jp/JVN85371480/397327/index.html
- http://jvn.jp/en/jp/JVN85371480/995319/index.html
- http://jvn.jp/en/jp/JVN85371480/995417/index.html
- http://jvn.jp/en/jp/JVN85371480/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039
- http://jvn.jp/en/jp/JVN85371480/397327/index.html
- http://jvn.jp/en/jp/JVN85371480/995319/index.html
- http://jvn.jp/en/jp/JVN85371480/995417/index.html
- http://jvn.jp/en/jp/JVN85371480/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039
CWEs
CWE-287
Verify integrity in audit chain (admin only). AS-IS.