Unencrypted Credentials Leak in TigerText Free Private Texting App

Unencrypted Credentials Leak in TigerText Free Private Texting App

CVE-2013-0128 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint.

Learn more about our Cis Benchmark Audit For Apple Ios.