PT-2019-17949 · Rakuma · Rakuma App For Ios+1

Gaku Mochizuki

Published

2019-12-26

Updated

2020-01-02

CVE-2019-6024

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Rakuma App for Android versions 7.15.0 and earlier Rakuma App for iOS versions 7.16.4 and earlier

Description The issue allows an attacker to bypass authentication and obtain a user's authentication information through a malicious application created by a third party.

Recommendations For Rakuma App for Android versions 7.15.0 and earlier, update to a version later than 7.15.0 to resolve the issue. For Rakuma App for iOS versions 7.16.4 and earlier, update to a version later than 7.16.4 to resolve the issue.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2019-6024

Affected Products

Rakuma App For Android

Rakuma App For Ios

PT-2019-17949 · Rakuma · Rakuma App For Ios+1

CVE-2019-6024

Weakness Enumeration

Related Identifiers

Affected Products

References · 5