Password Storage Vulnerability in Siemens SPCanywhere Android Application
CVE-2015-1598

Currently unrated

Key Information:

Vendor: Siemens
Status: Spcanywhere
Vendor: CVE Published:; 7 March 2015

What is CVE-2015-1598?

The Siemens SPCanywhere application for Android inadequately manages the storage of application passwords, providing an opportunity for nearby attackers to gain access to sensitive information by inspecting the device's filesystem. This flaw poses a significant risk, especially in environments where physical device security cannot be guaranteed.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2015
Vulnerability Reserved
Feb 13, 2015