Vulnerabilities
Vulnerable Software
Aremis:  >> Aremis 4 Nomads  Security Vulnerabilities
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-02-27
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database.
CVSS Score
7.7
EPSS Score
0.0
Published
2023-02-27
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.
CVSS Score
4.1
EPSS Score
0.0
Published
2023-02-27


Contact Us

Shodan ® - All rights reserved