CVE-2019-13099

MEDIUM

Momo 2.1.9 - Cleartext Storage of Sensitive Information via Logcat

Title source: llm
STIX 2.1

Description

The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user and a user's access token via Logcat.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://pastebin.com/SgVPb7Lb

Scores

CVSS v3 6.5
EPSS 0.0075
EPSS Percentile 50.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-312
Status published
Products (1)
momo_project/momo 2.1.9
Published Jul 22, 2019
Tracked Since Feb 18, 2026