Overview
- Description
- The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.
- Source
- psirt@hcl.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcltech:verse:*:*:*:*:*:android:*:*",
"vulnerable": true,
"matchCriteriaId": "A2EA89D7-E820-4C50-A282-6A3EC75278FB",
"versionEndExcluding": "12.0.15"
}
],
"operator": "OR"
}
]
}
]