Insecure Storage of Credentials in PowerSchool Mobile Application for Android
CVE-2019-17396 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
Learn more about our Cis Benchmark Audit For Google Android.