CVE-2017-15997

Published: Oct 29, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the preferences XML file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://1337sec.blogspot.de/2017/10/auditing-nq-contacts-backup-restore-11.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15997

Description

Affected Products

References