CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
References
Link Resource
https://pastebin.com/GgpFz3ZW Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:orbitz:orbitz:19.31.1:*:*:*:*:android:*:*

Information

Published : 2019-10-15 09:15

Updated : 2019-10-18 03:17


NVD link : CVE-2019-17355

Mitre link : CVE-2019-17355

Products Affected
No products.
CWE
CWE-532

Insertion of Sensitive Information into Log File