CVE-2019-8632

MEDIUM

Texture < 4.22.0.4 (Android) and < 5.11.10 (iOS) - Cleartext Transmission of Sensitive Analytics Data

Title source: llm
STIX 2.1

Description

Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
https://www.info-sec.ca/advisories/Texture.html
Vendor Advisory x_refsource_misc
https://support.apple.com/HT210110
Vendor Advisory x_refsource_misc
https://support.apple.com/HT210111

Scores

CVSS v3 6.5
EPSS 0.0128
EPSS Percentile 66.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-319
Status published
Products (2)
apple/texture < 4.22.0.4
apple/texture < 5.11.10
Published Dec 18, 2019
Tracked Since Feb 18, 2026