exploitDog

CVE-2017-15998

Опубликовано: 29 окт. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network.

Ссылки

https://1337sec.blogspot.de/2017/10/auditing-nq-contacts-backup-restore-11.html
Third Party Advisory
https://1337sec.blogspot.de/2017/10/auditing-nq-contacts-backup-restore-11.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nq:contacts_backup_\&_restore:1.1:*:*:*:*:android:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-327

Связанные уязвимости

GHSA-6chq-6q95-5ff8

CVSS3: 7.5

github

больше 3 лет назад

In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network.

EPSS

Процентиль: 24%

0.00079

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-327