CVE-2024-6294

LOW

3.9CVSS v3

—CVSS v2

0.12% EPSS (exploit probability)

CWE-200CWE

Description

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn.

CVSS v3 vector: CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE