Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL Verse for Android is susceptible to an APK signing key check vulnerability
Vulnerability Description
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
不充分的加密强度
Vulnerability Title
HCL Technologies HCL Verse 加密问题漏洞
Vulnerability Description
HCL Technologies HCL Verse是美国HCL Technologies公司的一个可访问邮件并进行生活计划管理的移动端应用。 HCL Technologies HCL Verse 12.0.15之前版本存在安全漏洞,该漏洞源于应用程序使用小于或等于 1024 位的密钥长度进行签名,使其可能容易受到伪造数字签名的攻击,攻击者利用该漏洞可以在恶意修改应用程序后伪造与应用程序相同的数字签名。
CVSS Information
N/A
Vulnerability Type
N/A