Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-41210

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings.

Published

2022-10-11T21:15:26.617

Last Modified

2025-05-20T14:15:23.030

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.2 (MEDIUM)

Weaknesses

Type: Secondary
CWE-338

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	customer_data_cloud	7.4	Yes

References

https://launchpad.support.sap.com/#/notes/3248384 Permissions Required, Vendor Advisory ([email protected])
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory ([email protected])
https://launchpad.support.sap.com/#/notes/3248384 Permissions Required, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)