HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2021-27495

CVSS 7.1v3.1pub. 2021-07-30upd. 2024-11-21

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
  • Ypsomed Mylife

    APP
    Ypsomed
    < 1.7.5
  • Ypsomed Mylife Cloud

    APP
    Ypsomed
    < 1.7.2
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-27491HIGH7.5ten sam produkt

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylif...

CVE-2021-27499MEDIUM5.9ten sam produkt

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed my...

CVE-2021-27503MEDIUM4.8ten sam produkt

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed my...

CVE-2021-27495 β€” Ypsomed β€” Mylife β€” HIGH β€” CVSS 7.1 | CVEbaza.pl