CVE-2019-2231

MEDIUM Year: 2019
CVSS v3 Score
4.4
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-311
View all →

Vulnerability Description

In Blob::Blob of blob.cpp, there is a possible unencrypted master key due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-141955555

Related Vulnerabilities

CVE-2018-1937

MEDIUM
CVSS:4.4(Medium)

IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept highly sensitive unencrypted data. IBM X-Force ID: 153317.

CWE-3112018

CVE-2018-1938

MEDIUM
CVSS:4.4(Medium)

IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept highly sensitive unencrypted data. IBM X-Force ID: 153318.

CWE-3112018

CVE-2021-20567

MEDIUM
CVSS:4.4(Medium)

IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239.

CWE-3112021

CVE-2023-23371

MEDIUM
CVSS:4.4(Medium)

A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read s...

CWE-3112023

CVE-2017-8168

MEDIUM
CVSS:4.3(Medium)

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmissio...

CWE-3112017

CVE-2019-4616

MEDIUM
CVSS:4.3(Medium)

IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or...

CWE-3112019