Insecure Random Number Generator in SAP Customer Data Cloud (Gigya) Android App: Predictable Random Numbers Vulnerability

CVE-2022-41210 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings.

Learn more about our Cis Benchmark Audit For Google Android.