exploitDog

CVE-2022-23849

Опубликовано: 03 мар. 2022

Источник: nvd

CVSS3: 6.6

CVSS2: 4.6

EPSS Низкий

Описание

The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. An attacker must rapidly make failed biometric authentication attempts.

Ссылки

https://devolutions.net/security/advisories/
Vendor Advisory
https://devolutions.net/security/advisories/DEVO-2022-0001
Vendor Advisory
https://devolutions.net/security/advisories/
Vendor Advisory
https://devolutions.net/security/advisories/DEVO-2022-0001
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:devolutions:password_hub:*:*:*:*:*:iphone_os:*:*

Версия до 2021.3.4 (исключая)

EPSS

Процентиль: 19%

0.00059

Низкий

6.6 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-qxhp-mp7h-vg86

CVSS3: 6.6

github

почти 4 года назад

The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. An attacker must rapidly make failed biometric authentication attempts.

EPSS

Процентиль: 19%

0.00059

Низкий

6.6 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo