PT-2018-17300 · Tinder · Tinder Android App+1

Erez Yalon

Published

2018-01-24

Updated

2019-10-03

CVE-2018-6017

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Tinder iOS app (affected versions not specified) Tinder Android app (affected versions not specified)

Description The issue concerns the unencrypted transmission of images in the Tinder app, which allows an attacker to extract private sensitive information by sniffing network traffic.

Recommendations For Tinder iOS app, update to a version that implements encrypted image transmission to prevent sensitive information from being extracted. For Tinder Android app, update to a version that implements encrypted image transmission to prevent sensitive information from being extracted.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2018-6017

Affected Products

Tinder Android App

Tinder Ios App

PT-2018-17300 · Tinder · Tinder Android App+1

CVE-2018-6017

Weakness Enumeration

Related Identifiers

Affected Products

References · 3