PT-2018-11767 · Anda · Anda App
Gustavo Silva
·
Publicado
2018-10-24
·
Atualizado
2019-01-09
·
CVE-2018-13342
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Anda app (affected versions not specified)
Description
The issue concerns the server API in the Anda app, which relies on hardcoded credentials.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Anda App