CVE-2013-5113 Information
Feb 14, 2021
cve
Description
LastPass prior to 2.5.1 has an insecure PIN implementation.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://blog.c22.cc/2013/09/05/a-sneak-peak-into-android-secure-containers-2/ https://blog.c22.cc/advisories/cve-2013-51135114-lastpass-android-container-pin-and-auto-wipe-security-feature-bypass/ https://www.securityfocus.com/archive/1/529783
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
6.8
Share on: