PT-2019-19127 · Apple · Texture

David Coomber

Publicado

2019-12-18

Atualizado

2022-04-12

CVE-2019-8632

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Texture versions prior to 5.11.10 for iOS Texture versions prior to 4.22.0.4 for Android

Description The issue allowed some analytics data to be sent over HTTP instead of HTTPS, potentially exposing it to interception by an attacker in a privileged network position. This could have been exploited to obtain sensitive information.

Recommendations For Texture versions prior to 5.11.10 for iOS, update to version 5.11.10 or later. For Texture versions prior to 4.22.0.4 for Android, update to version 4.22.0.4 or later.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2019-8632

Produtos afetados

Texture

PT-2019-19127 · Apple · Texture

CVE-2019-8632

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5