Vulnerability Description
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bankofamerica | Bank Of America | 2.12 |
| Android | All versions |
Related Weaknesses (CWE)
References
- http://news.cnet.com/8301-27080_3-20021874-245.html
- http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html
- http://viaforensics.com/appwatchdog/bank-of-america-android.html
- http://news.cnet.com/8301-27080_3-20021874-245.html
- http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html
- http://viaforensics.com/appwatchdog/bank-of-america-android.html
FAQ
What is CVE-2010-4213?
CVE-2010-4213 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading applicati...
How severe is CVE-2010-4213?
CVE-2010-4213 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4213?
Check the references section above for vendor advisories and patch information. Affected products include: Bankofamerica Bank Of America, Google Android.