CVE-2024-32988
May 22, 2024, 12:46 p.m.
Tags
Product(s) Impacted
OfferBox App for Android
- 2.0.0 - 2.3.17
OfferBox App for iOS
- 2.1.7 - 2.6.14
Description
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to 2.6.14 use a hard-coded secret key for JWT. Secret key for JWT may be retrieved if the application binary is reverse-engineered.
Weaknesses
Date
Published: May 22, 2024, 8:15 a.m.
Last Modified: May 22, 2024, 12:46 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
vultures@jpcert.or.jp
References
vultures@jpcert.or.jp