Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which allows attackers to discover usernames, passwords, and e-mail addresses via an application that reads session.clslog.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Starbucks 信任管理漏洞
Vulnerability Description
Starbucks是美国星巴克(Starbucks)公司的一套用于IOS平台的手机应用程序。该应用程序支持GPS自动定位、查询产品介绍、了解活动信息等。 基于iOS平台上的Starbucks 2.6.1版本应用程序存在信任管理漏洞,该漏洞源于Crashlytics日志文件(/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog)以明文方式存储敏感信息。远程攻击者可通过读取session.clslog文件利用
CVSS Information
N/A
Vulnerability Type
N/A