Описание
The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.1 (включая)
cpe:2.3:a:tigertext:tigertext:*:-:*:*:*:iphone_os:*:*
EPSS
Процентиль: 56%
0.00338
Низкий
5 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
почти 4 года назад
The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint.
EPSS
Процентиль: 56%
0.00338
Низкий
5 Medium
CVSS2
Дефекты
CWE-255