216.73.217.172

CVE-2024-6295

· Published 25/06/2024 03:15 · Modified 25/06/2024 12:24

Labels: CVE-2024-6295 2024-06-25CVE-2024-6295CWE-922[email protected]

Essential information

Published
25/06/2024 03:15
Modified
25/06/2024 12:24
Author
Creator
CVSS
3.9 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References