Account Takeover Vulnerability in SBIbuddy Android Application (Versions 1.41 and 1.42)
CVE-2018-17108 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.
Learn more about our Cis Benchmark Audit For Google Android.