An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.
References
Link | Resource |
---|---|
https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 | Third Party Advisory |
https://www.aremis.com/en_GB/welcome | Not Applicable |
https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 | Third Party Advisory |
https://www.aremis.com/en_GB/welcome | Not Applicable |
Configurations
History
21 Nov 2024, 07:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.1 |
References | () https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - Third Party Advisory | |
References | () https://www.aremis.com/en_GB/welcome - Not Applicable |
07 Mar 2023, 16:54
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-312 | |
References | (MISC) https://www.aremis.com/en_GB/welcome - Not Applicable | |
References | (MISC) https://excellium-services.com/cert-xlm-advisory/CVE-2022-34910 - Third Party Advisory | |
CPE | cpe:2.3:a:aremis:aremis_4_nomads:*:*:*:*:*:android:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
27 Feb 2023, 15:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-27 13:15
Updated : 2024-11-21 07:10
NVD link : CVE-2022-34910
Mitre link : CVE-2022-34910
CVE.ORG link : CVE-2022-34910
JSON object : View
Products Affected
aremis
- aremis_4_nomads
CWE
CWE-312
Cleartext Storage of Sensitive Information