exploitDog

CVE-2018-11242

Опубликовано: 20 мая 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.

Ссылки

https://gist.github.com/NinjaXshell/ba0aeee4b77b4bdea76d0c0c095d53b1
Third Party Advisory
https://www.exploit-db.com/exploits/44690/
Exploit
Third Party Advisory
VDB Entry
https://gist.github.com/NinjaXshell/ba0aeee4b77b4bdea76d0c0c095d53b1
Third Party Advisory
https://www.exploit-db.com/exploits/44690/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:makemytrip:makemytrip:7.2.4:*:*:*:*:android:*:*

EPSS

Процентиль: 88%

0.04084

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-3cmf-2r4c-r97p

CVSS3: 6.5

github

больше 3 лет назад

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.

EPSS

Процентиль: 88%

0.04084

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-312