CVE-2019-5626

Name of the Vulnerable Software and Affected Versions BlueCats Reveal versions prior to 3.0.19

Description The issue allows an attacker to compromise the affected BlueCats network implementation by accessing a clear text file that stores the username and password. This file remains on the device until the user logs out or the session times out after 30 days of inactivity. To exploit this, an attacker would first need to gain physical control of the Android device or compromise it with a malicious app.

Recommendations For versions prior to 3.0.19, update to version 3.0.19 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and implementing additional security measures to prevent unauthorized physical or remote access to the Android device.