Vulnerabilities > CVE-2018-17108 - Unspecified vulnerability in SBI Buddy 1.41/1.42

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
sbi
NVD
Published: 2018-09-16
Updated: 2020-08-24

Summary

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Vulnerable Configurations

Part Description Count
Application
Sbi
2

References