PT-2023-13437 · Aremis · A4N
Published: 2023-02-27 · Updated: 2025-03-11 · CVE-2022-34910
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
A4N (Aremis 4 Nomad) version 1.5.0
Description
The A4N application for Android uses a local database to store data and accounts. Passwords are stored in that database in cleartext, allowing an attacker to retrieve the passwords of other users who used the same device.
Recommendations
For version 1.5.0, consider implementing proper password storage mechanisms, such as hashing and salting, to protect user passwords. As a temporary workaround, restrict access to the local database to minimize the risk of exploitation.
Fix
Cleartext Storage of Sensitive Information
Weakness Enumeration
Related identifiers
Affected products
A4N