Vulnerabilities > CVE-2008-4540 - Credentials Management vulnerability in Microsoft Windows Mobile 6.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

CWE-255

NVD

Published: 2008-10-13

Updated: 2018-10-11

Summary

Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.

Vulnerable Configurations

Part	Description	Count
Hardware	Htc HTC Hermes *	1
OS	Microsoft Microsoft Windows Mobile 6.0	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://securityreason.com/securityalert/4402
https://exchange.xforce.ibmcloud.com/vulnerabilities/45857
http://www.securityfocus.com/archive/1/497151/100/0/threaded