CVE-2018-12076
Last modified
CVE-2018-12076 is a vulnerability of currently unknown severity. A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. The vulnerability is due to lack of proper validation of the UPC bar code present on the MarketCard. EPSS estimates a 0.28% chance of exploitation in the next 30 days.
Description
A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. The vulnerability is due to lack of proper validation of the UPC bar code present on the MarketCard. An attacker could exploit this vulnerability by generating a copy of a customer's bar code. An exploit could allow the attacker to access all funds located within the MarketCard or allow unauthenticated disclosure of information.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Avantimarkets | Market Card | All versions |
References
- https://sorsnce.com/2018/11/13/announcing-cve-2018-12076/Third Party Advisory, URL Repurposed
- https://sorsnce.com/2018/11/13/announcing-cve-2018-12076/Third Party Advisory, URL Repurposed
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-12076?
How severe is CVE-2018-12076?
How do I fix CVE-2018-12076?
Are you affected by CVE-2018-12076?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST