CVE-2024-7697

Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.
Configurations

Configuration 1 (hide)

cpe:2.3:a:transsion:carlcare:5.9.5:*:*:*:*:*:*:*

History

06 Sep 2024, 18:04

Type Values Removed Values Added
CPE cpe:2.3:a:transsion:carlcare:5.9.5:*:*:*:*:*:*:*
References () https://security.tecno.com/SRC/blogdetail/294?lang=en_US - () https://security.tecno.com/SRC/blogdetail/294?lang=en_US - Vendor Advisory
References () https://security.tecno.com/SRC/securityUpdates?type=SA - () https://security.tecno.com/SRC/securityUpdates?type=SA - Vendor Advisory
CWE NVD-CWE-noinfo
First Time Transsion
Transsion carlcare

21 Aug 2024, 06:15

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad lógica en la aplicación móvil (com.transsion.carlcare) puede generar riesgos de fuga de información del usuario.
References
  • {'url': 'https://security.tecno.com/SRC/securityUpdates', 'source': '907edf6c-bf03-423e-ab1a-8da27e1aa1ea'}
  • () https://security.tecno.com/SRC/securityUpdates?type=SA -
CWE CWE-863

12 Aug 2024, 15:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-200

12 Aug 2024, 13:41

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 13:38

Updated : 2024-09-06 18:04


NVD link : CVE-2024-7697

Mitre link : CVE-2024-7697

CVE.ORG link : CVE-2024-7697


JSON object : View

Products Affected

transsion

  • carlcare
CWE
NVD-CWE-noinfo CWE-863

Incorrect Authorization

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor