CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App versionĀ 5.17.1-754993421 and prior
on Android allows an unauthenticated attacker with physical access to the Android device containing the app to bypass application authentication and alter information in the app.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsma-22-298-01 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-10-26T20:02:06.819Z
Updated:
Reserved: 2022-09-29T14:09:27.500Z
Link: CVE-2022-40703
JSON object: View
NVD Information
Status : Modified
Published: 2022-10-26T21:15:10.637
Modified: 2023-11-07T03:52:36.113
Link: CVE-2022-40703
JSON object: View
Redhat Information
No data.