2 matches found
CVE-2022-35290
CVE-2022-35290 corresponds to an information-disclosure issue in SAP Authenticator for Android. The available documents consistently describe that under certain conditions an attacker could access information that should be restricted. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), wit...
CVE-2023-27895
SAP Authenticator for Android (version 1.3.0) is reported to expose OTP-related data when a malicious app is installed on a device, allowing screen capture during token setup. The attacker could read the currently viewed OTP and the secret OTP alphanumeric token, but cannot modify or delete data....