CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-11384

The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e. plain text), which allows a non-root user to find out the username/password of a valid user via /data/data/com.zalora.android/shared_prefs/login_data.xml.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 5.0

References

https://pastebin.com/c90h9WfB
https://pastebin.com/c90h9WfB

Products affected by CVE-2019-11384

Zalora » Zalora » Version: 6.15.1

cpe:2.3:a:zalora:zalora:6.15.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11384

Products

Pricing

Contact Us