CVE-2013-6986

high

Description

The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.

References

http://seclists.org/fulldisclosure/2013/Dec/39

http://packetstormsecurity.com/files/124330/ZippyYum-3.4-Insecure-Data-Storage.html

http://osvdb.org/100745

http://archives.neohapsis.com/archives/bugtraq/2013-12/0040.html

Details

Source: Mitre, NVD

Published: 2013-12-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.0007