CVE-2018-11242

EUVD-2018-3282
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Common Weakness Enumeration
References
https://gist.github.com/NinjaXshell/ba0aeee4b77b4bdea76d0c0c095d53b1
https://www.exploit-db.com/exploits/44690/
https://gist.github.com/NinjaXshell/ba0aeee4b77b4bdea76d0c0c095d53b1
https://www.exploit-db.com/exploits/44690/