CVE-2022-36539

Опубликовано: 07 сент. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.

Ссылки

https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326
Product
Release Notes
Third Party Advisory
https://github.com/Fopje/CVE-2022-36539
Exploit
Third Party Advisory
https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326
Product
Release Notes
Third Party Advisory
https://github.com/Fopje/CVE-2022-36539
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eigen\&wijzer_ouderapp_project:eigen\&wijzer_ouderapp:*:*:*:*:*:iphone_os:*:*

Версия до 1.1.22 (исключая)

EPSS

Процентиль: 91%

0.06203

Низкий

7.5 High

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-2x59-2xmg-fgcx