Vulnerability Details : CVE-2013-2310
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
Vulnerability category: BypassGain privilege
Products affected by CVE-2013-2310
- cpe:2.3:a:softbank:wi-fi_spot_configuration_software:-:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:941p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:001p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:944sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:945shg:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:931n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:940n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:001n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:940sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:941sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:002sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:004sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:004shp3:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:941sc:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:942p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:943sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:sharp_3g_handset:945sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:panasonic_3g_handset:942p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:panasonic_3g_handset:941p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:panasonic_3g_handset:001p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:nec_3g_handset:931n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:nec_3g_handset:001n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:nec_3g_handset:940n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:samsung_3g_handset:941sc:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:mobile_wi-fi_router:101sb:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:mobile_wi-fi_router:102z:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:mobile_wi-fi_router:102hw:*:*:*:*:*:*:*
- cpe:2.3:a:softbank:wi-fi_application:*:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:006sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:007sh:j:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:102sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:103sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101k:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:003p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:008z:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:001dl:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:007sh:kt:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:009sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:009sh:y:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:102p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:201m:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:007hw:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:201hw:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:x06ht:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:x06ht:ii:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:001ht:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:003sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:106sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:107sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:200sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101f:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101dl:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:005sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:007sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:102sh:ii:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:104sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101n:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:201k:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:101p:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:003z:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:android_smartphone:009z:*:*:*:*:*:*:*
- cpe:2.3:a:softbank:wisprclient:*:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:windows_mobile_smartphone:x02t:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:windows_mobile_smartphone:x05ht:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:windows_mobile_smartphone:x01sc:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:windows_mobile_smartphone:x04ht:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:disney_mobile_android_smartphone:dm009sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:disney_mobile_android_smartphone:dm011sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:disney_mobile_android_smartphone:dm013sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:disney_mobile_android_smartphone:dm010sh:*:*:*:*:*:*:*
- cpe:2.3:h:softbank:disney_mobile_android_smartphone:dm012sh:*:*:*:*:*:*:*
- cpe:2.3:a:willcom-inc:wi-fi_application:*:*:*:*:*:*:*:*
- cpe:2.3:h:willcom-inc:android_smartphone:wx04k:*:*:*:*:*:*:*
- cpe:2.3:h:willcom-inc:android_smartphone:wx06k:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-2310
0.41%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-2310
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N |
6.5
|
2.9
|
NIST |
CWE ids for CVE-2013-2310
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-2310
-
http://jvn.jp/en/jp/JVN85371480/397327/index.html
Japan Vulnerability Notes/Information from SoftBank
-
http://jvn.jp/en/jp/JVN85371480/995417/index.html
Japan Vulnerability Notes/Information from Disney Mobile on SoftBank
-
http://jvn.jp/en/jp/JVN85371480/index.html
JVN#85371480: Wi-Fi Spot Configuration Software vulnerability in the connection process
-
http://jvn.jp/en/jp/JVN85371480/995319/index.html
Japan Vulnerability Notes/Information from WILLCOM
-
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039
JVNDB-2013-000039 - JVN iPedia - 脆弱性対策情報データベース
Jump to