Search criteria
3 vulnerabilities by taidii
CVE-2020-35454 (GCVE-0-2020-35454)
Vulnerability from cvelistv5 – Published: 2021-03-17 14:58 – Updated: 2024-08-04 17:02
VLAI
Summary
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://play.google.com/store/apps/details?id=com… | x_refsource_MISC |
| https://github.com/galapogos/Taidii-Diibear-Vulne… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:02:07.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-17T14:58:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"name": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/",
"refsource": "MISC",
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35454",
"datePublished": "2021-03-17T14:58:58.000Z",
"dateReserved": "2020-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:02:07.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35455 (GCVE-0-2020-35455)
Vulnerability from cvelistv5 – Published: 2021-03-17 14:58 – Updated: 2024-08-04 17:02
VLAI
Summary
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://play.google.com/store/apps/details?id=com… | x_refsource_MISC |
| https://github.com/galapogos/Taidii-Diibear-Vulne… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:02:08.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-17T14:58:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"name": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/",
"refsource": "MISC",
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35455",
"datePublished": "2021-03-17T14:58:14.000Z",
"dateReserved": "2020-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:02:08.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35456 (GCVE-0-2020-35456)
Vulnerability from cvelistv5 – Published: 2021-03-17 14:56 – Updated: 2024-08-04 17:02
VLAI
Summary
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://play.google.com/store/apps/details?id=com… | x_refsource_MISC |
| https://github.com/galapogos/Taidii-Diibear-Vulne… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:02:08.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-17T14:56:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=com.taidii.diibear\u0026hl=en_US\u0026gl=US"
},
{
"name": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/",
"refsource": "MISC",
"url": "https://github.com/galapogos/Taidii-Diibear-Vulnerabilities/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35456",
"datePublished": "2021-03-17T14:56:44.000Z",
"dateReserved": "2020-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:02:08.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}