Cleartext Transmission Vulnerability in Avira Mobile Security for iOS
CVE-2015-7732

7.5HIGH

Key Information:

Vendor: Avira
Status: Avira Mobile Security
Vendor: CVE Published:; 15 June 2017

What is CVE-2015-7732?

The Avira Mobile Security app for iOS, prior to version 1.5.11, has a vulnerability that allows sensitive user login credentials to be transmitted in cleartext. This improper handling of sensitive information poses significant security risks, as it can be intercepted by malicious actors, potentially leading to unauthorized access to user accounts.

References

https://www.info-sec.ca/advisories/Avira-Mobile-Security....

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2017
Vulnerability Reserved
Oct 6, 2015