nvd-json-data-feeds/CVE-2024/CVE-2024-329xx/CVE-2024-32988.json

{
  "id": "CVE-2024-32988",
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "published": "2024-05-22T08:15:10.080",
  "lastModified": "2024-05-22T12:46:53.887",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to 2.6.14 use a hard-coded secret key for JWT. Secret key for JWT may be retrieved if the application binary is reverse-engineered."
    },
    {
      "lang": "es",
      "value": "La aplicaci\u00f3n 'OfferBox' para las versiones de Android 2.0.0 a 2.3.17 y la aplicaci\u00f3n 'OfferBox' para las versiones de iOS 2.1.7 a 2.6.14 utilizan una clave secreta codificada para JWT. La clave secreta para JWT se puede recuperar si se realiza ingenier\u00eda inversa al binario de la aplicaci\u00f3n."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://jvn.jp/en/jp/JVN83405304/",
      "source": "vultures@jpcert.or.jp"
    }
  ]
}