CVE-2024-12604 | Vulnerability Database

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-12604
CWE	https://cwe.mitre.org/data/definitions/526.html

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-12604

CWE

https://cwe.mitre.org/data/definitions/526.html

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025.

Weakness

The product uses an environment variable to store unencrypted sensitive information.

Potential Mitigations

References

https://docs.tapandsign.com/tap-and-sign/tap-and-sign-v.1.025-surum-notlari
https://www.usom.gov.tr/bildirim/tr-25-0063