Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code ('Code Injection') by allowing unauthenticated access to read data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
Advisories
Source ID Title
EUVD EUVD EUVD-2020-29142 Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code ('Code Injection') by allowing unauthenticated access to read data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2024-08-04T09:56:28.347Z

Reserved: 2020-01-28T00:00:00

Link: CVE-2020-8274

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-06T21:15:14.473

Modified: 2024-11-21T05:38:38.043

Link: CVE-2020-8274

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.