CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
21.5%
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users’ clear text authentication credentials.
Vendor | Product | Version | CPE |
---|---|---|---|
geniecompany | aladdin_connect | * | cpe:2.3:a:geniecompany:aladdin_connect:*:*:*:*:*:android:*:* |
[
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Aladdin Connect Mobile Application",
"vendor": "The Genie Company",
"versions": [
{
"lessThanOrEqual": "<=5.65 Build 2075",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]