exploitDog

CVE-2021-44033

Опубликовано: 19 нояб. 2021

Источник: nvd

CVSS3: 6.8

CVSS2: 4.6

EPSS Низкий

Описание

In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be bypassed.

Ссылки

http://packetstormsecurity.com/files/165027/Ionic-Identity-Vault-5.0.4-PIN-Unlock-Lockout-Bypass.html
Third Party Advisory
http://seclists.org/fulldisclosure/2021/Nov/41
Exploit
Mailing List
Third Party Advisory
https://ionic.io/docs/identity-vault/changelog
Release Notes
Vendor Advisory
http://packetstormsecurity.com/files/165027/Ionic-Identity-Vault-5.0.4-PIN-Unlock-Lockout-Bypass.html
Third Party Advisory
http://seclists.org/fulldisclosure/2021/Nov/41
Exploit
Mailing List
Third Party Advisory
https://ionic.io/docs/identity-vault/changelog
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ionic:identity_vault:*:*:*:*:*:*:*:*

Версия до 5.0.5 (включая)

EPSS

Процентиль: 22%

0.00073

Низкий

6.8 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-307

Связанные уязвимости

GHSA-2q4r-26xj-32hp

github

больше 3 лет назад

In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be bypassed.

EPSS

Процентиль: 22%

0.00073

Низкий

6.8 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-307