Описание
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.20.100 (исключая)Версия до 2.20.100 (исключая)
Одно из
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-285
CWE-552
Связанные уязвимости
github
больше 3 лет назад
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.
EPSS
Процентиль: 31%
0.00117
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-285
CWE-552