Vulnerability CVE-2020-1902


Published: 2020-10-06

Description:
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Whatsapp -> Whatsapp 
Whatsapp -> Whatsapp business 

 References:
https://www.whatsapp.com/security/advisories/2020/

Copyright 2024, cxsecurity.com

 

Back to Top