Vulnerabilities > CVE-2022-41209 - Unspecified vulnerability in SAP Customer Data Cloud 7.4

047910
CVSS 5.2 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
NONE
low complexity
sap

Summary

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks.

Vulnerable Configurations

Part Description Count
Application
Sap
1