galapogos/Taidii-Diibear-Vulnerabilities

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-35454 ↗	Mar 17, 2021Wednesday, 17 March 2021, 15:15	6.8 MEDIUM	2.1 LOW
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.
CVE-2020-35455 ↗	Mar 17, 2021Wednesday, 17 March 2021, 15:15	7.8 HIGH	2.1 LOW
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.
CVE-2020-35456 ↗	Mar 17, 2021Wednesday, 17 March 2021, 15:15	5.5 MEDIUM	4.3 MEDIUM
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging.