Lucene search

TR-CERTCVELIST:CVE-2023-6255

HistoryFeb 15, 2024 - 3:52 p.m.

CVE-2023-6255 Hardcoded Credentals in SoliClub Mobile App

2024-02-1515:52:03

CWE-798

TR-CERT

www.cve.org

cve-2023-6255

utarit information technologies

sensitive strings

executable

solipay mobile app

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App allows Read Sensitive Strings Within an Executable.This issue affects SoliPay Mobile App: before 5.0.8.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SoliPay Mobile App",
    "vendor": "Utarit Information Technologies",
    "versions": [
      {
        "lessThan": "5.0.8",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-24-0104

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2023-6255