Insecure Storage of Confidential Information in Send Anywhere Android App
CVE-2019-13100 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
Learn more about our Cis Benchmark Audit For Google Android.