Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authentication in Tapandsign Technologies Tap and Sign App
Vulnerability Description
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
通过环境变量导致的信息暴露
Vulnerability Title
Tap&Sign 安全漏洞
Vulnerability Description
Tap&Sign是Tap&Sign公司的一款易于使用、具有法律约束力的电子签名解决方案。 Tap&Sign V.1.025之前版本存在安全漏洞,该漏洞源于敏感信息明文存储在环境变量中,以及弱密码恢复机制,可能导致密码恢复利用和功能滥用。
CVSS Information
N/A
Vulnerability Type
N/A