CVE-2015-8320

CVSS v2.0 5 (Medium)

EPSS 0.23 % (61^th)

Affected Products 1

Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.

Weaknesses

CWE-NVD-Other

Related CVEs

CVE-2015-5257

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2015-11-23 11:59:01
(8 years ago)
Updated Date: 2018-10-09 19:58:24
(6 years ago)

Affected Products

Apache

Cordova

Configuration #1

		CPE23	From	Up To
	Apache Cordova for Android 3.6.4 and prior versions	cpe:2.3:a:apache:cordova::::::android		<= 3.6.4