Home / Early Warning / Vulnerabilidades / CVE-2020-8988

CVE-2020-8988

Type: 
Unavailable / Other
Severity: 
Medium
Publication date: 
02/13/2020
Last modified: 
02/27/2020
Description
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:a:voatz:voatz:2020-01-01:*:*:*:*:android:*:*
To consult the complete list of products and versions see this page
Explanation of fields