CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App version 5.17.1-754993421 and prior on Android allows an unauthenticated attacker with physical access to the Android device containing the app to bypass application authentication and alter information in the app.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsma-22-298-01 | Mitigation Third Party Advisory US Government Resource |
Configurations
Information
Published : 2022-10-26 14:15
Updated : 2022-10-28 12:41
NVD link : CVE-2022-40703
Mitre link : CVE-2022-40703
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
alivecor
- kardia