CVE-2023-36621

EPSS 0.1%
Veröffentlicht 03.11.2023 04:15:21
Zuletzt bearbeitet 21.11.2024 08:10:05
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nationaledtech ≫ Boomerang SwPlatformandroid Version < 13.83

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.291

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/

Third Party Advisory

https://seclists.org/fulldisclosure/2023/Jul/12

Third Party Advisory

Mailing List

https://useboomerang.com/

Product

https://nvd.nist.gov/vuln/detail/CVE-2023-36621

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-36621

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-36621

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-36621