PT-2018-17300 · Tinder · Tinder Android App+1

Erez Yalon

Publicado

2018-01-24

Atualizado

2019-10-03

CVE-2018-6017

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Tinder iOS app (affected versions not specified) Tinder Android app (affected versions not specified)

Description The issue concerns the unencrypted transmission of images in the Tinder app, which allows an attacker to extract private sensitive information by sniffing network traffic.

Recommendations For Tinder iOS app, update to a version that implements encrypted image transmission to prevent sensitive information from being extracted. For Tinder Android app, update to a version that implements encrypted image transmission to prevent sensitive information from being extracted.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2018-6017

Produtos afetados

Tinder Android App

Tinder Ios App

PT-2018-17300 · Tinder · Tinder Android App+1

CVE-2018-6017

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3