Search criteria
3 vulnerabilities by gm
CVE-2017-9663 (GCVE-0-2017-9663)
Vulnerability from cvelistv5 – Published: 2018-01-09 21:00 – Updated: 2024-08-05 17:18
VLAI?
Summary
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | General Motors and Shanghai OnStar (SOS) iOS Client |
Affected:
General Motors and Shanghai OnStar (SOS) iOS Client
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:00.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "General Motors and Shanghai OnStar (SOS) iOS Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
],
"datePublic": "2018-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-12T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-9663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "General Motors and Shanghai OnStar (SOS) iOS Client",
"version": {
"version_data": [
{
"version_value": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-9663",
"datePublished": "2018-01-09T21:00:00",
"dateReserved": "2017-06-14T00:00:00",
"dateUpdated": "2024-08-05T17:18:00.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12697 (GCVE-0-2017-12697)
Vulnerability from cvelistv5 – Published: 2018-01-09 21:00 – Updated: 2024-08-05 18:43
VLAI?
Summary
A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | General Motors and Shanghai OnStar (SOS) iOS Client |
Affected:
General Motors and Shanghai OnStar (SOS) iOS Client
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "General Motors and Shanghai OnStar (SOS) iOS Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
],
"datePublic": "2018-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-300",
"description": "CWE-300",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-12T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-12697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "General Motors and Shanghai OnStar (SOS) iOS Client",
"version": {
"version_data": [
{
"version_value": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-300"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-12697",
"datePublished": "2018-01-09T21:00:00",
"dateReserved": "2017-08-09T00:00:00",
"dateUpdated": "2024-08-05T18:43:56.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12695 (GCVE-0-2017-12695)
Vulnerability from cvelistv5 – Published: 2018-01-09 21:00 – Updated: 2024-08-05 18:43
VLAI?
Summary
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | General Motors and Shanghai OnStar (SOS) iOS Client |
Affected:
General Motors and Shanghai OnStar (SOS) iOS Client
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "General Motors and Shanghai OnStar (SOS) iOS Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
],
"datePublic": "2018-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-12T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-12695",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "General Motors and Shanghai OnStar (SOS) iOS Client",
"version": {
"version_data": [
{
"version_value": "General Motors and Shanghai OnStar (SOS) iOS Client"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
},
{
"name": "102481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-12695",
"datePublished": "2018-01-09T21:00:00",
"dateReserved": "2017-08-09T00:00:00",
"dateUpdated": "2024-08-05T18:43:56.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}