ByteOS Network

sbi

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2018-17404

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-5.3||MEDIUM

EPSS-0.33% / 55.56%

7 Day CHG~0.00%

Published-23 Sep, 2018 | 22:00

Updated-05 Aug, 2024 | 10:47

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number (from a government-issued ID), and date of birth.

Vendor-sbi n/a

Product-sbi_buddy n/a

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2018-17108

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-8.8||HIGH

EPSS-0.37% / 57.85%

7 Day CHG~0.00%

Published-16 Sep, 2018 | 23:00

Updated-17 Sep, 2024 | 01:52

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Vendor-sbi n/a

Product-sbi_buddy n/a

CVE-2014-5954

Assigner-CERT/CC

View Details

Assigner-CERT/CC

CVSS Score-5.4||MEDIUM

EPSS-0.04% / 9.43%

7 Day CHG~0.00%

Published-18 Sep, 2014 | 10:00

Updated-12 Apr, 2025 | 10:46

The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor-sbi n/a

Product-state_bank_anywhere n/a