An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data.
Metrics
Affected Vendors & Products
References
History
Mon, 10 Mar 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-306 | |
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-03-10T19:55:39.516Z
Reserved: 2022-07-01T00:00:00.000Z
Link: CVE-2022-34908

Updated: 2024-08-03T09:22:10.744Z

Status : Modified
Published: 2023-02-27T13:15:10.107
Modified: 2025-03-10T20:15:12.223
Link: CVE-2022-34908

No data.