CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17404

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number (from a government-issued ID), and date of birth.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.6%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 2.6

References

https://github.com/magicj3lly/appexploits/blob/master/SBI_PrivacyViolation.pdf
https://github.com/magicj3lly/appexploits/blob/master/SBI_PrivacyViolation.pdf

Products affected by CVE-2018-17404

Sbi » Sbi Buddy » Version: 1.41

cpe:2.3:a:sbi:sbi_buddy:1.41
Sbi » Sbi Buddy » Version: 1.42

cpe:2.3:a:sbi:sbi_buddy:1.42

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17404

Products

Pricing

Contact Us