Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False.
References
Link | Resource |
---|---|
https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=65 | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2021-12-14 18:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-43388
Mitre link : CVE-2021-43388
CVE.ORG link : CVE-2021-43388
JSON object : View
Products Affected
unisys
- cargo_mobile
CWE
CWE-312
Cleartext Storage of Sensitive Information