Published: 24/01/2018 Updated: 03/10/2019

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an malicious user to extract private sensitive information by sniffing network traffic.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tinder tinder -

Swipe fright: Tinder hackers may know how desperate you really are

The Register • Shaun Nichols in San Francisco • 23 Jan 2018

Eavesdroppers could be able to peek in on mobile flirts

A lack of security protections in Tinder's mobile app is leaving lonely hearts vulnerable to eavesdropping. That's according to security biz Checkmarx this week, which claimed Android and iOS builds of the dating app fail to properly encrypt network traffic, meaning the basic actions of peeps looking to hookup – such as swipes on profiles – could be collected by anyone on the same Wi-Fi or carrying out similar snooping. Checkmarx researchers disclosed two flaws (CVE-2018-6017, CVE-2018-6018)...

CVE-2018-6017

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect