RSS   Vulnerabilities for 'Diibear'   RSS

2021-03-17
 
CVE-2020-35456

CWE-319
 

 
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging.

 
 
CVE-2020-35455

CWE-522
 

 
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.

 
 
CVE-2020-35454

CWE-522
 

 
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.

 


Copyright 2024, cxsecurity.com

 

Back to Top