5
CVSSv2

CVE-2015-8320

Published: 23/11/2015 Updated: 09/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Apache Cordova-Android prior to 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for malicious users to conduct bridge hijacking attacks by predicting a value.

Affected Products

Vendor Product Versions
ApacheCordova3.6.4

Github Repositories