CVE-2022-34910

Share

CVE-2022-34910

by mrahier96

Abstract Advisory Information

To log the user in offline mode, the application has got a local database with the username and password. However, the password is stored in clear text. By using a SQL injection or by accessing to the database in case of a rooted device, the attacker can retrieve the password of other users that used the same device.

Authors: Valentin Giannini & Alexandre Guldner

Version affected

Name: A4N (Aremis 4 Nomad) Android mobile application

Versions: 1.5.0

Common Vulnerability Scoring System

4.1

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Patch

 1.5.1 (B221115)

References

Vulnerability Disclosure Timeline

  • 11/05/2022: Vulnerability discovery
  • 12/05/2022: Vulnerability Report to CERT-XLM
  • 17/05/2022: Vulnerability Report to Vendor through Contact Form
  • 17/05/2022: Vulnerability Report to Vendor through investigation
  • 19/05/2022: Vulnerability Report to Vendor through investigation
  • 03/06/2022: Called vendor, redirected us to an email address
  • 03/06/2022: Vulnerability Report to Vendor through investigation
  • 10/06/2022: Vulnerability Report to Vendor through investigation
  • 17/06/2022: Vulnerability Report to Vendor through investigation
  • 24/06/2022: Called vendor again to press on them, gave cert@ email address to recontact us
  • 24/06/2022: Vulnerability Report to the Director Information System through investigation
  • 01/07/2022: Vulnerability Report shared with the vendor
  • 01/07/2022: Request CVE ID to Mitre
  • 02/07/2022: CVE number assigned
  • 11/07/2022: Acknowledge from vendor. Vulnerabilities will be fixed by the end of September
  • 15/07/2022: Call with the vendor. Vulnerabilities will be fixed by the end of September
  • 30/09/2022: Asked the vendor for an update.
  • 21/10/2022: Asked the vendor for an update.
  • 28/10/2022: Asked the vendor for an update. Vendor said that they will test the fixes in mid-November
  • 02/12/2022: Asked the vendor for an update.
  • 09/12/2022: Asked the vendor for an update.
  • 12/12/2022: Vendor confirmed that they did a second pen test and most flaws are solved. A final report should arrive by the end of the year.
  • 06/01/2023: Asked the vendor for an update.
  • 09/01/2023: Vendor sent latest vulnerability fix report. According to their report the vulnerabilities would be fixed. Vendor says they are waiting for a second pentest to publish the patch.
  • 13/01/2023: Asked the vendor for an update
  • 25/01/2023: Addressed and fixed in version: 1.5.1 (B221115)
  • 24/02/2023: Public disclosure by Excellium Services in accordance with Aremis Group
Top