CVE-2017-12697
MEDIUMGM Shanghai OnStar iOS Client 7.1 - Man-in-the-Middle Information Disclosure
Title source: llmDescription
A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server.
References (2)
Core 2
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/102481
Scores
CVSS v3
5.9
EPSS
0.0143
EPSS Percentile
69.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
CWE-300
Status
published
Products (1)
gm/shanghai_onstar
7.1
Published
Jan 09, 2018
Tracked Since
Feb 18, 2026