CVE-2020-8791

{"id": "CVE-2020-8791", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-05-04T14:15:13.527", "references": [{"url": "https://github.com/fierceoj/ownklok", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary user IDs. Valid and current user IDs are trivial to guess because of the user ID assignment convention used by the app. A remote attacker could harvest email addresses, unsalted MD5 password hashes, owner-assigned lock names, and owner-assigned fingerprint names for any range of arbitrary user IDs."}, {"lang": "es", "value": "La aplicaci\u00f3n m\u00f3vil complementaria OKLOK (versi\u00f3n 3.1.1) para el Fingerprint Bluetooth Padlock FB50 (versi\u00f3n 2.3), permite a atacantes remotos enviar peticiones de la API usando tokens autenticados pero no autorizados, resultando en problemas de IDOR. Un atacante remoto puede usar su propio token para hacer peticiones de la API no autorizadas en nombre de IDORs de usuario arbitrarios. Los ID de usuario v\u00e1lidos y actuales son triviales de adivinar debido a la convenci\u00f3n de asignaci\u00f3n de ID de usuario usada por la aplicaci\u00f3n. Un atacante remoto podr\u00eda recolectar direcciones de correo electr\u00f3nico, hashes de contrase\u00f1as MD5 sin sal, nombres de candados asignados por el propietario y nombres de huellas dactilares asignados por el propietario para cualquier rango de ID de usuario arbitrarios."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oklok_project:oklok:3.1.1:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "BD4A4E73-78DE-4A92-B729-F425AF47CDEB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}