Vulnerabilities > CVE-2021-20733 - Missing Authorization vulnerability in Asken

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
asken
CWE-862

Summary

Improper authorization in handler for custom URL scheme vulnerability in ????????? (asken diet) for Android versions from v.3.0.0 to v.4.2.x allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.

Vulnerable Configurations

Part Description Count
Application
Asken
1

Common Weakness Enumeration (CWE)