GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass.
References
Link | Resource |
---|---|
https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone | Product Third Party Advisory |
https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m | Third Party Advisory |
https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8 |
Configurations
History
07 Nov 2023, 03:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-12-16 20:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-3179
Mitre link : CVE-2021-3179
CVE.ORG link : CVE-2021-3179
JSON object : View
Products Affected
gglocker_project
- gglocker
CWE
CWE-522
Insufficiently Protected Credentials