Vulnerability Details CVE-2019-13100
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2019-13100
-
cpe:2.3:a:send-anywhere:send_anywhere:9.4.18