Insecure Data Storage in Taidii Diibear Android Application 2.4.0 and Derivatives: User Credential Vulnerability

Insecure Data Storage in Taidii Diibear Android Application 2.4.0 and Derivatives: User Credential Vulnerability

CVE-2020-35455 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.

Learn more about our Cis Benchmark Audit For Google Android.