Filtered by vendor Aremis
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34910 | 1 Aremis | 1 Aremis 4 Nomads | 2024-11-21 | N/A | 4.1 MEDIUM |
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device. | |||||
CVE-2022-34909 | 1 Aremis | 1 Aremis 4 Nomads | 2024-11-21 | N/A | 7.7 HIGH |
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database. | |||||
CVE-2022-34908 | 1 Aremis | 1 Aremis 4 Nomads | 2024-11-21 | N/A | 8.2 HIGH |
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data. |