PT-2018-13180 · Breustedt · Mensamax
Stefan Pietsch
·
Publicado
2018-10-02
·
Atualizado
2019-10-03
·
CVE-2018-15752
CVSS v3.1
8.1
Alta
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MensaMax (aka com.breustedt.mensamax) version 4.3
Description
The issue allows man-in-the-middle attackers to eavesdrop on authentication information between the application and the server due to cleartext transmission of sensitive information.
Recommendations
For MensaMax version 4.3, consider implementing encryption for sensitive information transmission to prevent eavesdropping. As a temporary workaround, restrict the use of the application on unsecured networks to minimize the risk of exploitation.
Exploit
Correção
Cleartext Transmission of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mensamax