exploitDog

CVE-2021-3145

Опубликовано: 10 сент. 2021

Источник: nvd

CVSS3: 6.7

CVSS2: 7.2

EPSS Низкий

Описание

In Ionic Identity Vault before 5, a local root attacker on an Android device can bypass biometric authentication.

Ссылки

http://packetstormsecurity.com/files/164085/Ionic-Identity-Vault-4.7-Android-Biometric-Authentication-Bypass.html
Exploit
Third Party Advisory
VDB Entry
https://ionic.io/products/identity-vault
Vendor Advisory
http://packetstormsecurity.com/files/164085/Ionic-Identity-Vault-4.7-Android-Biometric-Authentication-Bypass.html
Exploit
Third Party Advisory
VDB Entry
https://ionic.io/products/identity-vault
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ionic:identity_vault:*:*:*:*:*:*:*:*

Версия до 5.0 (исключая)

EPSS

Процентиль: 44%

0.00216

Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-c5c8-g6j3-w28m

github

больше 3 лет назад

In Ionic Identity Vault before 5, a local root attacker on an Android device can bypass biometric authentication.

EPSS

Процентиль: 44%

0.00216

Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-287