DerScanner
Home / Vulnerability Database / C-sharp : Xamarin: External storage usage
C#

C-sharp : Xamarin: External storage usage

Classification

OWASP Mobile Top 10 2014
M2-Insecure Data Storage
OWASP Mobile Top 10 2016
M2-Insecure Data Storage
HIPAA
§164.312 (c)(1)
CWE
CWE-250CWE-921
CWE/SANS Top 25 2011
CWE-250

Overview

The application writes data to an external storage device.

Files written to external storage device are readable by all applications and can be changed when the user connects the device to a computer in a USB drive mode. Besides, files stored in external storage will remain there even after the application is deleted. This can lead to a valuable data confidentiality loss.

References

  1. OWASP: Insecure Storage
  2. Storage Options - developer.android.com
  3. CWE-250: Execution with Unnecessary Privileges
  4. CWE-921: Storage of Sensitive Data in a Mechanism without Access Control
MEDIUM

DerScanner Severity Score

Do you want to fix C-sharp : Xamarin: External storage usage in your application?

See also

C#

C-sharp : JWT: None Algorithm

C#

C-sharp : Insecure data transmission: Database

C#

C-sharp : Only one of method Equals() and GetHashCode() defined