PT-2022-22954 · Hulu · Hulu App For Android
Ryo Sato
·
Published
2022-08-16
·
Updated
2023-03-01
·
CVE-2022-35734
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Hulu App for Android versions 3.0.47 through 3.1.1
Description
The issue concerns the use of a hard-coded API key for an external service in the Hulu App for Android. This could potentially allow the API key to be obtained by analyzing the app's data, thus compromising the security of the external service.
Recommendations
For Hulu App for Android versions 3.0.47 through 3.1.1, consider updating to version 3.1.2 or later to resolve the issue.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hulu App For Android