CVE-2020-35454

MEDIUM

Taidii Diibear - Cleartext Storage

Title source: rule
STIX 2.1

Description

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.

References (2)

Core 2

Scores

CVSS v3 6.8
EPSS 0.0003
EPSS Percentile 7.9%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-312
Status published
Products (1)
taidii/diibear 2.4.0
Published Mar 17, 2021
Tracked Since Feb 18, 2026