CVE-2022-34910

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.
Configurations

Configuration 1 (hide)

cpe:2.3:a:aremis:aremis_4_nomads:*:*:*:*:*:android:*:*

History

21 Nov 2024, 07:10

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 4.1
References () https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - Third Party Advisory () https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - Third Party Advisory
References () https://www.aremis.com/en_GB/welcome - Not Applicable () https://www.aremis.com/en_GB/welcome - Not Applicable

07 Mar 2023, 16:54

Type Values Removed Values Added
CWE CWE-312
References (MISC) https://www.aremis.com/en_GB/welcome - (MISC) https://www.aremis.com/en_GB/welcome - Not Applicable
References (MISC) https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - (MISC) https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - Third Party Advisory
CPE cpe:2.3:a:aremis:aremis_4_nomads:*:*:*:*:*:android:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

27 Feb 2023, 15:20

Type Values Removed Values Added
New CVE

Information

Published : 2023-02-27 13:15

Updated : 2024-11-21 07:10


NVD link : CVE-2022-34910

Mitre link : CVE-2022-34910

CVE.ORG link : CVE-2022-34910


JSON object : View

Products Affected

aremis

  • aremis_4_nomads
CWE
CWE-312

Cleartext Storage of Sensitive Information