CVE-2024-43201

The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://apps.apple.com/us/app/planet-fitness-workouts/id399857015	Product
https://dontvacuum.me/bugs/pf/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:planetfitness:planet_fitness_workouts:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:iphone_os:-:::::::*
	cpe:2.3:o:google:android:-:::::::*

History

30 Sep 2024, 13:55

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 5.9
First Time		Google Planetfitness Planetfitness planet Fitness Workouts Google android Apple iphone Os Apple
References	~~() https://apps.apple.com/us/app/planet-fitness-workouts/id399857015 -~~	() https://apps.apple.com/us/app/planet-fitness-workouts/id399857015 - Product
References	~~() https://dontvacuum.me/bugs/pf/ -~~	() https://dontvacuum.me/bugs/pf/ - Exploit, Third Party Advisory
CPE		cpe:2.3:o:apple:iphone_os:-:::::::* cpe:2.3:a:planetfitness:planet_fitness_workouts:::::::: cpe:2.3:o:google:android:-:::::::*

26 Sep 2024, 13:32

Type	Values Removed	Values Added
Summary		(es) Las aplicaciones móviles iOS y Android de Planet Fitness Workouts anteriores a la versión 9.8.12 (lanzada el 25 de julio de 2024) no logran validar correctamente los certificados TLS, lo que permite que un atacante con acceso de red adecuado obtenga tokens de sesión e información confidencial.

23 Sep 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-23 20:15

Updated : 2024-09-30 13:55

NVD link : CVE-2024-43201

Mitre link : CVE-2024-43201

CVE.ORG link : CVE-2024-43201

JSON object : View

Products Affected

google

android

apple

iphone_os

planetfitness

planet_fitness_workouts

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2024-43201", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"safety": "NEGLIGIBLE", "version": "4.0", "recovery": "USER", "baseScore": 8.7, "automatable": "NO", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "LOW", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-09-23T20:15:04.973", "references": [{"url": "https://apps.apple.com/us/app/planet-fitness-workouts/id399857015", "tags": ["Product"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://dontvacuum.me/bugs/pf/", "tags": ["Exploit", "Third Party Advisory"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}, {"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information."}, {"lang": "es", "value": "Las aplicaciones m\u00f3viles iOS y Android de Planet Fitness Workouts anteriores a la versi\u00f3n 9.8.12 (lanzada el 25 de julio de 2024) no logran validar correctamente los certificados TLS, lo que permite que un atacante con acceso de red adecuado obtenga tokens de sesi\u00f3n e informaci\u00f3n confidencial."}], "lastModified": "2024-09-30T13:55:38.390", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:planetfitness:planet_fitness_workouts:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F93B99AE-0F4C-4F84-BA83-050AB739D639", "versionEndExcluding": "9.8.12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705"}, {"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725"}