PT-2019-17949 · Rakuma · Rakuma App For Ios+1

Gaku Mochizuki

Publicado

2019-12-26

Atualizado

2020-01-02

CVE-2019-6024

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Rakuma App for Android versions 7.15.0 and earlier Rakuma App for iOS versions 7.16.4 and earlier

Description The issue allows an attacker to bypass authentication and obtain a user's authentication information through a malicious application created by a third party.

Recommendations For Rakuma App for Android versions 7.15.0 and earlier, update to a version later than 7.15.0 to resolve the issue. For Rakuma App for iOS versions 7.16.4 and earlier, update to a version later than 7.16.4 to resolve the issue.

Correção

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2019-6024

Produtos afetados

Rakuma App For Android

Rakuma App For Ios

PT-2019-17949 · Rakuma · Rakuma App For Ios+1

CVE-2019-6024

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5