CVE-2017-9819

The National Payments Corporation of India BHIM application 1.3 for Android does not properly restrict use of the OTP feature, which makes it easier for attackers to bypass authentication.
Configurations

Configuration 1 (hide)

cpe:2.3:a:npci:bharat_interface_for_money_\(bhim\):1.3:*:*:*:*:android:*:*

History

21 Nov 2024, 03:36

Type Values Removed Values Added
References () https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf - Broken Link () https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf - Broken Link

Information

Published : 2018-08-24 21:29

Updated : 2024-11-21 03:36


NVD link : CVE-2017-9819

Mitre link : CVE-2017-9819

CVE.ORG link : CVE-2017-9819


JSON object : View

Products Affected

npci

  • bharat_interface_for_money_\(bhim\)
CWE
CWE-287

Improper Authentication