CVE-2015-8512

4.6MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox Os
Vendor: CVE Published:; 9 January 2016

Summary

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.

References

http://www.mozilla.org/security/announce/2015/mfsa2015-15...

x_refsource_CONFIRM

https://bugzilla.mozilla.org/show_bug.cgi?id=1181571

x_refsource_CONFIRM

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2016
Vulnerability Reserved
Dec 8, 2015