Описание
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gm:shanghai_onstar:7.1:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 45%
0.00221
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.
EPSS
Процентиль: 45%
0.00221
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-287
CWE-287