Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4872


Vulnerability Score 2.6 2.6
CVE Id CVE-2011-4872
Last Modified 16 Feb 2012 12:00:00
Published 05 Feb 2012 06:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.

Vulnerable Systems


CERT-VN - VU#763355

BID - 51790

SECUNIA - 47837


BUGTRAQ - 20120201 802.1X password exploit on many HTC Android devices

Last Updated: 27 May 2016 10:57:24