Attacker Value
High
(3 users assessed)
Exploitability
Low
(3 users assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Network
0

CVE-2020-9337

Disclosure Date: February 26, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.

Add Assessment

3
Ratings
Technical Analysis

Recap

Nothing deep, passwords are sent using Base64.

Requires

Ability to monitor networking traffic during user authentification.

Loot

Possibility to retrieve and decode users’ passwords and gain access to their accounts.

2
Ratings
Technical Analysis

This exploit is fairly straight forward, for an actor to exploit this they would only have to intercept the networking traffic sent when a user submits their credentials for authentication. Because of the weak encoding used (Base64) it would be easy to decode and gain access to a users credentials allowing potential account takeovers.

The only difficulty is the lack of connectivity that the affected devices have.

2
Ratings
  • Attacker Value
    High
  • Exploitability
    Very Low
Technical Analysis

There’s not a lot of information about this CVE, however the notice does give us some insight. This appears to me to be a simple Man-In-The-Middle attack: one that you’d be incredibly lucky to have a use for in the wild. As such, useability for this CVE is low. If kmore information comes forward regarding this CVE, I shall update my assessment accordingly.

CVSS V3 Severity and Metrics
Base Score:
6.5 Medium
Impact Score:
3.6
Exploitability Score:
2.8
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Vendors

  • golfbuddyglobal

Products

  • course manager 1.1

Additional Info

Technical Analysis