CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17108

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 4.3

References

https://github.com/magicj3lly/appexploits/blob/master/SBI_Buddy_AuthenticationBypass.pdf
https://github.com/magicj3lly/appexploits/blob/master/SBI_Buddy_AuthenticationBypass.pdf

Products affected by CVE-2018-17108

Sbi » Sbi Buddy » Version: 1.41

cpe:2.3:a:sbi:sbi_buddy:1.41
Sbi » Sbi Buddy » Version: 1.42

cpe:2.3:a:sbi:sbi_buddy:1.42

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17108

Products

Pricing

Contact Us