CVE-2023-5879
6.8
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users' clear text authentication credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| The Genie Company | Aladdin Connect Mobile Application | 0 <= <=5.65 Build 2075 | affected |
Weaknesses
- CWE-922: CWE-922 Insecure Storage of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.