CVE-2020-35455

Sažetak

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.

Reference

https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/
https://play.google.com/store/apps/details?id=com.taidii.diibear&hl=en_US&gl=US

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

12-07-2022 - 17:42

Objavljeno

17-03-2021 - 15:15