Lucene search
CertccCVELIST:CVE-2016-6538HistoryJul 06, 2018 - 9:00 p.m.
CVE-2016-6538 TrackR Bravo mobile application stores account passwords in cleartext
2018-07-0621:00:00
CWE-313
certcc
www.cve.org
The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.
CNA Affected
[
{
"platforms": [
"iOS"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "5.1.6"
}
]
},
{
"platforms": [
"Android"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "2.2.5"
}
]
}
]Related
cert
cert
TrackR Bravo contains multiple vulnerabilities
2016-10-25 00:00:00
cve
cve
nvd
nvd
prion
prion
Improper access control
2018-07-06 21:29:00
Code injection
2018-07-06 21:29:00
Code injection
2018-07-06 21:29:00
cvelist
cvelist
securelist
securelist
I know where your pet is
2018-05-22 10:00:52