CVE-2023-37513: HCL Traveler To Do is vulnerable to revealing sensitive information via the task switcher
First published: Fri Aug 11 2023(Updated: )
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Credit: psirt@hcl.com psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Traveler To Do | <12.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID for this issue is CVE-2023-37513.
What is the severity of CVE-2023-37513?
The severity of CVE-2023-37513 is medium.
What is the affected software version of CVE-2023-37513?
The affected software version of CVE-2023-37513 is Hcltech Traveler To Do version up to 12.0.6 on iPhone OS.
How does this vulnerability impact the user?
This vulnerability allows the app snapshot to not be blurred when the app is put to the background, potentially revealing sensitive information to anyone viewing the task switcher on iOS.
Is there a fix for CVE-2023-37513?
To fix CVE-2023-37513, it is recommended to update the Hcltech Traveler To Do app to a version higher than 12.0.6 on iPhone OS.
- collector/nvd-api
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/title
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/hcltech
- canonical/hcltech traveler to do