exploitDog

GHSA-gf9h-xgqf-wjrr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.

Ссылки

EPSS

Процентиль: 56%

0.00342

Низкий

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2020-8988

CVSS3: 5.9

nvd

почти 6 лет назад

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.

EPSS

Процентиль: 56%

0.00342

Низкий

CVE ID

Дефекты

CWE-522