Vulnerabilities > CVE-2020-5800 - Incorrect Resource Transfer Between Spheres vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

eat-spray-love-project

CWE-669

critical

NVD

Published: 2020-12-07

Updated: 2021-07-21

Summary

The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.

Vulnerable Configurations

Part	Description	Count
Application	Eat_Spray_Love_Project EAT Spray Love Project EAT Spray Love 2.0.20	2

Common Weakness Enumeration (CWE)

CWE-669 - Incorrect Resource Transfer Between Spheres

References

https://www.tenable.com/security/research/tra-2020-65