PT-2020-17876 · Hcl · Hcl Verse For Android

Published

2020-07-15

Updated

2020-07-22

CVE-2020-4100

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions HCL Verse for Android (affected versions not specified)

Description The issue concerns the use of dynamic code loading in HCL Verse for Android. This mechanism allows developers to specify which components of the application should not be loaded by default when the application is started. While dynamic code loading can have a positive impact on performance or grant additional functionality, such as a non-invasive update feature, it can also open the application to loading unintended code if not implemented properly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-913

Related Identifiers

CVE-2020-4100

Affected Products

Hcl Verse For Android

PT-2020-17876 · Hcl · Hcl Verse For Android

CVE-2020-4100

Weakness Enumeration

Related Identifiers

Affected Products

References · 4