PT-2017-15510 · Google · Files App

Published

2017-11-22

Updated

2019-10-03

CVE-2017-2723

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions The Files APP versions 7.1.1.308 and earlier

Description The issue concerns the plaintext storage of users' Safe passwords in the affected software. An attacker with root privilege of an Android system could exploit this to read users' plaintext Safe passwords, resulting in information leak.

Recommendations For versions 7.1.1.308 and earlier, update to a version that fixes the plaintext storage of users' Safe passwords to prevent information leak.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

CVE-2017-2723

Affected Products

Files App

PT-2017-15510 · Google · Files App

CVE-2017-2723

Weakness Enumeration

Related Identifiers

Affected Products

References · 3