A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:LBluestacks
APPBluestacks5.20
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2020-24367HIGH7.8ten sam produkt
Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privile...
CVE-2018-0701HIGH8.8ten sam produkt
BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0...
CVE-2016-4288HIGH8.4ten sam produkt
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installe...
CVE-2019-25548MEDIUM6.9ten sam produkt
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the app...
CVE-2019-14220MEDIUM6.5ten sam produkt
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks e...