CNVD-2018-03078

Vulnerability from cnvd - Published: 2018-02-09
VLAI
Title
Match Group Tinder iOS app和Tinder Android app信息泄露漏洞
Description
Match Group Tinder iOS app和Tinder Android app都是美国Match Group公司的产品。Tinder iOS app是一款基于iOS平台的在线交友应用程序。Tinder Android app是一款基于Android的在线交友应用程序。 Match Group Tinder iOS app和Tinder Android app中存在安全漏洞。攻击者可通过嗅探网络流量利用该漏洞提取私有的敏感信息。
Severity
Formal description

厂商尚未提供漏洞修复方案,请关注厂商主页更新: https://tinder.com/app/login?lang=zh-Hans

Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-6018
Impacted products
Name
['Match Group Tinder Android app', 'Match Group Tinder iOS app']
Show details on source website

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-6018"
    }
  },
  "description": "Match Group Tinder iOS app\u548cTinder Android app\u90fd\u662f\u7f8e\u56fdMatch Group\u516c\u53f8\u7684\u4ea7\u54c1\u3002Tinder iOS app\u662f\u4e00\u6b3e\u57fa\u4e8eiOS\u5e73\u53f0\u7684\u5728\u7ebf\u4ea4\u53cb\u5e94\u7528\u7a0b\u5e8f\u3002Tinder Android app\u662f\u4e00\u6b3e\u57fa\u4e8eAndroid\u7684\u5728\u7ebf\u4ea4\u53cb\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nMatch Group Tinder iOS app\u548cTinder Android app\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u55c5\u63a2\u7f51\u7edc\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u53d6\u79c1\u6709\u7684\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Unknow",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://tinder.com/app/login?lang=zh-Hans",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03078",
  "openTime": "2018-02-09",
  "products": {
    "product": [
      "Match Group Tinder Android app",
      "Match Group Tinder iOS app"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-6018",
  "serverity": "\u4e2d",
  "submitTime": "2018-01-25",
  "title": "Match Group Tinder iOS app\u548cTinder Android app\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…