CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
References
Link Resource
https://pastebin.com/GgpFz3ZW Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:orbitz:orbitz:19.31.1:*:*:*:*:android:*:*

Information

Published : 2019-10-15 14:15

Updated : 2019-10-17 20:17


NVD link : CVE-2019-17355

Mitre link : CVE-2019-17355


JSON object : View

CWE
CWE-532

Insertion of Sensitive Information into Log File

Advertisement

dedicated server usa

Products Affected

orbitz

  • orbitz