PT-2019-13015 · Microsoft+2 · Outlook+2
Published
2019-07-17
·
Updated
2020-08-24
·
CVE-2019-12911
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Redbrick Shift versions through 3.4.3
Description
The issue allows an attacker to extract authentication tokens of services, such as Gmail and Outlook, used in the application.
Recommendations
For versions through 3.4.3, update to a version that contains a fix for this issue to prevent authentication token extraction.
Fix
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gmail
Outlook
Redbrick Shift