MEDIUM 5.9 Publié le 2019-05-10

CVE-2019-3566

EN A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. This behavior requires independent knowledge of metadata for previous messages, which are not available publicly. This issue affects WhatsApp for Android 2.19.52 and 2.19.54 - 2.19.103, as well as WhatsApp Business for Android starting in v2.19.22 until v2.19.38.

CVSS v3 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Apps suivies affectées

com.whatsapp

1 ouverte

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
whatsapp	whatsapp	Android	≥2.19.54 ≤2.19.103	cpe:2.3:a:whatsapp:whatsapp::::::android::*
whatsapp	whatsapp	Android	—	cpe:2.3:a:whatsapp:whatsapp:2.19.52:::::android::
whatsapp	whatsapp_business	Android	≥2.19.22 ≤2.19.38	cpe:2.3:a:whatsapp:whatsapp_business::::::android::*

Voir sur NVD ↗