PT-2018-14810 · Google+1 · Google Cardboard+1

Publicado

2018-11-08

Atualizado

2019-10-03

CVE-2018-19111

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Google Cardboard application version 1.8 for Android Google Cardboard application version 1.2 for iOS

Description The issue concerns the transmission of potentially private cleartext information to the Unity 3D Stats web site. This includes details such as device make, model, and OS.

Recommendations For Google Cardboard application version 1.8 on Android, consider restricting access to sensitive device information until a patch is available. For Google Cardboard application version 1.2 on iOS, consider restricting access to sensitive device information until a patch is available.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2018-19111

Produtos afetados

Google Cardboard

Unity 3D

PT-2018-14810 · Google+1 · Google Cardboard+1

CVE-2018-19111

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3