1. Home
  2. CVE Database
  3. CVE-2011-4872
LOW · 2.6

CVE-2011-4872

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40...

Vulnerability Description

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.

CVSS Score

2.6

LOW

AV:N/AC:H/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HtcDesire Hdfrg83d
HtcDesire Sgri40
HtcDroid Incrediblefrf91
HtcEvo 3Dgri40
HtcEvo 4Ggri40
HtcGlacierfrg83
HtcSensation 4Ggri40
HtcSensation Z710Egri40
HtcThunderbolt 4Gfrg83d

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2011-4872?

CVE-2011-4872 is a vulnerability with a CVSS score of 2.6 (LOW). Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40...

How severe is CVE-2011-4872?

CVE-2011-4872 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-4872?

Check the references section above for vendor advisories and patch information. Affected products include: Htc Desire Hd, Htc Desire S, Htc Droid Incredible, Htc Evo 3D, Htc Evo 4G.