Goisi Han

Name of the Vulnerable Software and Affected Versions: Taidii Diibear Android application version 2.4.0 and its derivatives Description: The issue allows attackers to obtain user credentials from an Android backup due to insecure application configuration. Recommendations: For Taidii Diibear Android application version 2.4.0 and its derivatives, consider restricting access to the application's backup data to minimize the risk of exploitation until a secure configuration is implemented.

Name of the Vulnerable Software and Affected Versions: Taidii Diibear Android application version 2.4.0 and its derivatives Description: The issue allows attackers to obtain user credentials from `Shared Preferences` and the `SQLite database` due to insecure data storage. Recommendations: For Taidii Diibear Android application version 2.4.0 and its derivatives, consider implementing secure data storage practices to protect user credentials. As a temporary workaround, restrict access to sensitive data stored in `Shared Preferences` and the `SQLite database` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.