Описание
Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 20.11.0 (исключая)
cpe:2.3:a:citrix:secure_mail:*:*:*:*:*:android:*:*
EPSS
Процентиль: 58%
0.0037
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-284
CWE-269
Связанные уязвимости
github
больше 3 лет назад
Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
EPSS
Процентиль: 58%
0.0037
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-284
CWE-269