CVE-2017-2752

LOW

Tommy Hilfiger TH24/7 Android App <=2.2.0.19 - Information Exposure via Incomplete Obfuscation

Title source: llm
STIX 2.1

Description

A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.hp.com/us-en/document/c05904705

Scores

CVSS v3 2.1
EPSS 0.0011
EPSS Percentile 28.8%
Attack Vector PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-254
Status published
Products (4)
hp/tommy_hilfiger_th24\/7 2.0.0.11
hp/tommy_hilfiger_th24\/7 2.0.1.14
hp/tommy_hilfiger_th24\/7 2.1.0.16
hp/tommy_hilfiger_th24\/7 2.2.0.19
Published Mar 27, 2019
Tracked Since Feb 18, 2026