Vulnerabilities > CVE-2018-17108 - Unspecified vulnerability in SBI Buddy 1.41/1.42
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
sbi
Summary
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |