CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9819

The National Payments Corporation of India BHIM application 1.3 for Android does not properly restrict use of the OTP feature, which makes it easier for attackers to bypass authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 79.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/148926
https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf

Products affected by CVE-2017-9819

Npci » Bharat Interface For Money (Bhim) » Version: 1.3

cpe:2.3:a:npci:bharat_interface_for_money_(bhim):1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9819

Products

Pricing

Contact Us