mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
80 lines
2.9 KiB
JSON
80 lines
2.9 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2017-2748",
|
|
"ASSIGNER": "hp-security-alert@hp.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Isaac Mizrahi",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Isaac Mizrahi Smartwatch Mobile App",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "Isaac Mizrahi iOS app versions 1.0.2.10"
|
|
},
|
|
{
|
|
"version_value": "1.2.2.12"
|
|
},
|
|
{
|
|
"version_value": "1.3.7"
|
|
},
|
|
{
|
|
"version_value": "and 1.4.8. Isaac Mizrahi Android app versions 1.0.201601214"
|
|
},
|
|
{
|
|
"version_value": "1.2.2016040820"
|
|
},
|
|
{
|
|
"version_value": "1.3.2016052319"
|
|
},
|
|
{
|
|
"version_value": "1.4.2016072601"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Insecure HTTP during login."
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://support.hp.com/us-en/document/c05976868",
|
|
"url": "https://support.hp.com/us-en/document/c05976868"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue."
|
|
}
|
|
]
|
|
}
|
|
} |