Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRapid7CVELIST:CVE-2023-5879
HistoryJan 03, 2024 - 7:15 p.m.

CVE-2023-5879 Aladdin Connect Android Application Insecure Storage

2024-01-0319:15:59
CWE-922
rapid7
www.cve.org
6
cve-2023-5879
genie company
android devices
clear text authentication credentials

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

21.5%

JSON

Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users’ clear text authentication credentials.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Android"
    ],
    "product": "Aladdin Connect Mobile Application",
    "vendor": "The Genie Company",
    "versions": [
      {
        "lessThanOrEqual": "<=5.65 Build 2075",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Related

nvd 1
prion 1
cve 1
rapid7blog 1
nvd
nvd
CVE-2023-5879
2024-01-03 20:15:21
prion
prion
Authentication flaw
2024-01-03 20:15:00
cve
cve
CVE-2023-5879
2024-01-03 20:15:21
rapid7blog
rapid7blog
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities
2024-01-03 18:58:10

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

21.5%

JSON
Related for CVELIST:CVE-2023-5879
nvd1prion1cve1rapid7blog1