Overview
- Description
- A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue.
- Source
- hp-security-alert@hp.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 1.4
- Exploitability score
- 0.7
- Vector string
- CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-254
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:tommy_hilfiger_th24\\/7:2.0.0.11:*:*:*:*:android:*:*",
"vulnerable": true,
"matchCriteriaId": "FEDB7BA6-529F-4DB2-922F-3AFAE90BBCAE"
},
{
"criteria": "cpe:2.3:a:hp:tommy_hilfiger_th24\\/7:2.0.1.14:*:*:*:*:android:*:*",
"vulnerable": true,
"matchCriteriaId": "3D03878F-D231-4C5E-8A27-2B9E6DBA91DE"
},
{
"criteria": "cpe:2.3:a:hp:tommy_hilfiger_th24\\/7:2.1.0.16:*:*:*:*:android:*:*",
"vulnerable": true,
"matchCriteriaId": "7722D836-9B15-4123-A384-704016BA9C7E"
},
{
"criteria": "cpe:2.3:a:hp:tommy_hilfiger_th24\\/7:2.2.0.19:*:*:*:*:android:*:*",
"vulnerable": true,
"matchCriteriaId": "BE153BB9-CDA2-482E-956F-91F7A3EBE7D7"
}
],
"operator": "OR"
}
]
}
]