CVE-2024-12604

Summary

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.

This issue affects Tap&Sign App: before V.1.025.

Affected Software

VendorProductVersion RangeStatus
Tapandsign TechnologiesTap&Sign App0 < V.1.025affected

Weaknesses

  • CWE-526: CWE-526 Cleartext Storage of Sensitive Information in an Environment Variable
  • CWE-640: CWE-640 Weak Password Recovery Mechanism for Forgotten Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References