Search

Find a vulnerability

Search criteria

    6 vulnerabilities by belwith-keeler

    CVE-2019-5634 (GCVE-0-2019-5634)

    Vulnerability from nvd – Published: 2019-08-22 13:51 – Updated: 2024-09-17 01:11
    VLAI
    Title
    Hickory Smart Lock Insecure Logging on Android
    Summary
    An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device's default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions.
    CWE
    • CWE-532 - Inclusion of Sensitive Information in Log Files
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.43 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:51.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.43",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device\u0027s default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Inclusion of Sensitive Information in Log Files",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:37.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.3",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Logging on Android",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5634",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Logging on Android"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device\u0027s default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Inclusion of Sensitive Information in Log Files"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US",
                  "refsource": "MISC",
                  "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.3",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5634",
        "datePublished": "2019-08-22T13:51:37.034Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:11:56.007Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5633 (GCVE-0-2019-5633)

    Vulnerability from nvd – Published: 2019-08-22 13:51 – Updated: 2024-09-16 16:42
    VLAI
    Title
    Hickory Smart Lock Insecure Storage on iOS
    Summary
    An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.07 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:52.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "CWE-922: Insecure Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:36.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.2",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Storage on iOS",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5633",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Storage on iOS"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.07"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-922: Insecure Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://apps.apple.com/us/app/hickory-smart/id1189748191",
                  "refsource": "MISC",
                  "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.2",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5633",
        "datePublished": "2019-08-22T13:51:36.974Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:42:37.789Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5632 (GCVE-0-2019-5632)

    Vulnerability from nvd – Published: 2019-08-22 13:51 – Updated: 2024-09-16 21:57
    VLAI
    Title
    Hickory Smart Lock Insecure Storage on Android
    Summary
    An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.43 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:51.963Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.43",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "CWE-922: Insecure Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:36.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.1",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Storage on Android",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5632",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Storage on Android"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-922: Insecure Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US",
                  "refsource": "MISC",
                  "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.1",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5632",
        "datePublished": "2019-08-22T13:51:36.900Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:57:21.046Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5634 (GCVE-0-2019-5634)

    Vulnerability from cvelistv5 – Published: 2019-08-22 13:51 – Updated: 2024-09-17 01:11
    VLAI
    Title
    Hickory Smart Lock Insecure Logging on Android
    Summary
    An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device's default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions.
    CWE
    • CWE-532 - Inclusion of Sensitive Information in Log Files
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.43 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:51.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.43",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device\u0027s default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Inclusion of Sensitive Information in Log Files",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:37.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.3",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Logging on Android",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5634",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Logging on Android"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in a debug log on the Android device at HickorySmartLog/Logs/SRDeviceLog.txt. This information was found stored in the Android device\u0027s default USB or SDcard storage paths and is accessible without rooting the device. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Inclusion of Sensitive Information in Log Files"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US",
                  "refsource": "MISC",
                  "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.3",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5634",
        "datePublished": "2019-08-22T13:51:37.034Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:11:56.007Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5633 (GCVE-0-2019-5633)

    Vulnerability from cvelistv5 – Published: 2019-08-22 13:51 – Updated: 2024-09-16 16:42
    VLAI
    Title
    Hickory Smart Lock Insecure Storage on iOS
    Summary
    An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.07 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:52.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "CWE-922: Insecure Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:36.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.2",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Storage on iOS",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5633",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Storage on iOS"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.07"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-922: Insecure Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://apps.apple.com/us/app/hickory-smart/id1189748191",
                  "refsource": "MISC",
                  "url": "https://apps.apple.com/us/app/hickory-smart/id1189748191"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.2",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5633",
        "datePublished": "2019-08-22T13:51:36.974Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:42:37.789Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5632 (GCVE-0-2019-5632)

    Vulnerability from cvelistv5 – Published: 2019-08-22 13:51 – Updated: 2024-09-16 21:57
    VLAI
    Title
    Hickory Smart Lock Insecure Storage on Android
    Summary
    An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Belwith Products, LLC Hickory Smart Affected: unspecified , ≤ 01.01.43 (custom)
    Create a notification for this product.
    Date Public
    2019-08-01 00:00
    Credits
    This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7's vulnerability disclosure policy (https://www.rapid7.com/disclosure/).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:01:51.963Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hickory Smart",
              "vendor": "Belwith Products, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "01.01.43",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
            }
          ],
          "datePublic": "2019-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "CWE-922: Insecure Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-22T13:51:36.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
            }
          ],
          "source": {
            "advisory": "R7-2019-18.1",
            "discovery": "INTERNAL"
          },
          "title": "Hickory Smart Lock Insecure Storage on Android",
          "x_generator": {
            "engine": "Vulnogram 0.0.7"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2019-08-01T13:05:00.000Z",
              "ID": "CVE-2019-5632",
              "STATE": "PUBLIC",
              "TITLE": "Hickory Smart Lock Insecure Storage on Android"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hickory Smart",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "01.01.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Belwith Products, LLC"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "This issue was discovered and reported by Deral Heiland of Rapid7. It has been disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application\u0027s database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for Android, version 01.01.43 and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.7"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-922: Insecure Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/",
                  "refsource": "MISC",
                  "url": "https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/"
                },
                {
                  "name": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US",
                  "refsource": "MISC",
                  "url": "https://play.google.com/store/apps/details?id=com.belwith.hickorysmart\u0026hl=en_US"
                }
              ]
            },
            "source": {
              "advisory": "R7-2019-18.1",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2019-5632",
        "datePublished": "2019-08-22T13:51:36.900Z",
        "dateReserved": "2019-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:57:21.046Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }