CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17499

Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 15.2%

CVSS Severity

CVSS v3 Score 2.9

CVSS v2 Score 2.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/149659
https://exchange.xforce.ibmcloud.com/vulnerabilities/149659

Products affected by CVE-2018-17499

Envoy » Passport » Version: 2.2.5

cpe:2.3:a:envoy:passport:2.2.5
Envoy » Passport » Version: 2.4.0

cpe:2.3:a:envoy:passport:2.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17499

Products

Pricing

Contact Us