Описание
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.0.2.10:*:*:*:*:iphone_os:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.0.201601214:*:*:*:*:android:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.2.2.12:*:*:*:*:iphone_os:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.2.2016040820:*:*:*:*:android:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.3.7:*:*:*:*:iphone_os:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.3.2016052319:*:*:*:*:android:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.4.8:*:*:*:*:iphone_os:*:*
cpe:2.3:a:hp:isaac_mizrahi_smartwatch:1.4.2016072601:*:*:*:*:android:*:*
EPSS
Процентиль: 77%
0.01035
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.
EPSS
Процентиль: 77%
0.01035
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-254