Lucene search
CertccCVELIST:CVE-2016-6548HistoryJul 13, 2018 - 8:00 p.m.
CVE-2016-6548 Zizai Tech Nut mobile application makes requests using HTTP, which includes the users session token
2018-07-1320:00:00
CWE-200
certcc
www.cve.org
The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain the userβs authenticated session token with the URL. An attacker can capture these requests and reuse the session token to gain full access the userβs account.
CNA Affected
[
{
"product": "Tech Nut Mobile Application",
"vendor": "Zizai Technology",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2018-07-13 20:29:00
nvd
nvd
CVE-2016-6548
2018-07-13 20:29:00
cve
cve
CVE-2016-6548
2018-07-13 20:29:00
cert
cert
Zizai Tech Nut contains multiple vulnerabilities
2016-10-25 00:00:00