CVE-2015-1598

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
siemensspcanywhere
𝑥
≤ 1.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-185226.pdf
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-185226.pdf