Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cosmote Greece What's Up App Realm Database RealmDB.java default key
Vulnerability Description
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
CWE-1394
Vulnerability Title
Cosmote What’s Up 安全漏洞
Vulnerability Description
Cosmote What’s Up是Cosmote公司的一个应用程序。 Cosmote What’s Up 4.47.3版本存在安全漏洞,该漏洞源于在Android平台上对参数defaultRealmKey的处理不当,导致使用默认加密密钥。
CVSS Information
N/A
Vulnerability Type
N/A