Vulnerability Details CVE-2021-3179
GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone
- https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m
- https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8
- https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone
- https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m
- https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8
Products affected by CVE-2021-3179
-
cpe:2.3:a:gglocker_project:gglocker:-