4.3

CVE-2020-5532

EPSS 0.32%
Veröffentlicht 14.02.2020 14:15:10
Zuletzt bearbeitet 21.11.2024 05:34:13
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for iOS prior to version 1.2.01) allows an attacker on the same network segment to bypass authentication and to view the images which were recorded by the other ilbo user's device via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Extrun ≫ Ilbo SwPlatformandroid Version < 1.1.8

Extrun ≫ Ilbo SwPlatformiphone_os Version < 1.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.32%	0.549

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://jvn.jp/en/jp/JVN35496038/index.html

Third Party Advisory

https://apps.apple.com/us/app/ilbo/id1116864683

Product

Release Notes

https://play.google.com/store/apps/details?id=jp.extrun.ilbo&hl=en

Product

https://nvd.nist.gov/vuln/detail/CVE-2020-5532

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-5532

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-5532

EUVD