PT-2019-13015 · Microsoft+2 · Outlook+2
Publicado
2019-07-17
·
Atualizado
2020-08-24
·
CVE-2019-12911
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Redbrick Shift versions through 3.4.3
Description
The issue allows an attacker to extract authentication tokens of services, such as Gmail and Outlook, used in the application.
Recommendations
For versions through 3.4.3, update to a version that contains a fix for this issue to prevent authentication token extraction.
Correção
Insecure Storage of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gmail
Outlook
Redbrick Shift