Insecure Transmission of Contact Data in NQ Contacts Backup & Restore Application

Insecure Transmission of Contact Data in NQ Contacts Backup & Restore Application

CVE-2017-15998 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network.

Learn more about our Cis Benchmark Audit For Google Android.