Lucene search

MitreCVE-2019-17394

HistoryOct 15, 2019 - 9:15 p.m.

CVE-2019-17394

2019-10-1521:15:10

CWE-532

mitre

web.nvd.nist.gov

seesaw

family

android

security

authentication

logcat

cve-2019-17394

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.007

Percentile

79.7%

JSON

In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

Affected configurations

Nvd

Node

seesawparent_and_familyMatch6.2.5android

VendorProductVersionCPE
seesawparent_and_family6.2.5cpe:2.3:a:seesaw:parent_and_family:6.2.5:*:*:*:*:android:*:*

Vendor	Product	Version	CPE
seesaw	parent_and_family	6.2.5	cpe:2.3:a:seesaw:parent_and_family:6.2.5:::::android::

References

pastebin.com/h8v0qxZH

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.007

Percentile

79.7%

JSON

Related for CVE-2019-17394