CVE-2024-7697

EPSS 0.52%
Veröffentlicht 12.08.2024 13:38:58
Zuletzt bearbeitet 13.11.2025 13:48:31
Quelle 907edf6c-bf03-423e-ab1a-8da27e
CVE-Watchlists
Login
Unerledigt
Login

Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Transsion ≫ Carlcare Version5.9.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.52%	0.662

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

https://security.tecno.com/SRC/securityUpdates?type=SA

Vendor Advisory

https://security.tecno.com/SRC/blogdetail/294?lang=en_US

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-7697

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-7697

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-7697

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-7697