cvedb.io
CVE-2022-34908
HIGH · CVSS 8.2
EPSS exploitation probability: 0%
Published 2023-02-27T13:15:10.107 · Last modified 2026-06-17T04:51:08.157

Summary

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data.

Affected products

aremis — aremis_4_nomads

Does this affect you?

Add your gear to cvedb and we'll alert you only when aremis ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.