CVE-2023-5879

Summary

Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users' clear text authentication credentials.

Affected Software

VendorProductVersion RangeStatus
The Genie CompanyAladdin Connect Mobile Application0 <= <=5.65 Build 2075affected

Weaknesses

  • CWE-922: CWE-922 Insecure Storage of Sensitive Information

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References