Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY table in the memono.sqlite database.
References
Link | Resource |
---|---|
https://fatihhcelik.blogspot.com/2020/02/memono-insecure-data-storage-ios.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-16T18:48:36
Updated: 2020-04-16T18:48:36
Reserved: 2020-04-16T00:00:00
Link: CVE-2020-11826
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-16T19:15:27.680
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-11826
JSON object: View
Redhat Information
No data.
CWE