Unauthenticated Physical Attackers Can Access Sensitive User Information via Juiker App's Debug Logs

Unauthenticated Physical Attackers Can Access Sensitive User Information via Juiker App's Debug Logs

CVE-2022-39043 · LOW Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Juiker app stores debug logs which contains sensitive information to mobile external storage. An unauthenticated physical attacker can access these files to acquire partial user information such as personal contacts.

Learn more about our Contact.