Home / Vulnerability Database / C-sharp : Xamarin: File with universal read or write access

C-sharp : Xamarin: File with universal read or write access

Classification

OWASP Mobile Top 10 2014

M2-Insecure Data Storage M4-Unintended Data Leakage

OWASP Mobile Top 10 2016

M2-Insecure Data Storage

HIPAA

§164.312 (a)(1)

Overview

The application saves the file with global read and write access. This can lead to data confidentiality loss.

The application saves the file with the MODE_WORLD_READABLE or MODE_WORLD_WRITEABLE parameter, thus granting all applications access for reading or writing into this file. Using the mentioned constants is insecure: they are deprecated since API Level 17 (Android 4.2).

References

Storage Options - developer.android.com

MEDIUM

C-sharp : Xamarin: File with universal read or write access

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C-sharp : Xamarin: File with universal read or write access in your application?

See also

C-sharp : JWT: None Algorithm

C-sharp : Insecure data transmission: Database

C-sharp : Only one of method Equals() and GetHashCode() defined