An incorrect access control issue in Life: Personal Diary, Journal android app 17.5.0 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function.
References
Link | Resource |
---|---|
https://play.google.com/store/apps/details?id=com.hitbytes.minidiarynotes | Product |
https://zzzxiin.github.io/post/life-personal-diary/ | Third Party Advisory |
Configurations
History
13 Nov 2024, 20:04
Type | Values Removed | Values Added |
---|---|---|
References | () https://play.google.com/store/apps/details?id=com.hitbytes.minidiarynotes - Product | |
References | () https://zzzxiin.github.io/post/life-personal-diary/ - Third Party Advisory | |
CPE | cpe:2.3:a:hitbytes:life:17.5.0:*:*:*:*:android:*:* | |
CWE | NVD-CWE-Other | |
First Time |
Hitbytes life
Hitbytes |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
13 Nov 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
Summary |
|
08 Nov 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-08 18:15
Updated : 2024-11-13 20:04
NVD link : CVE-2024-40239
Mitre link : CVE-2024-40239
CVE.ORG link : CVE-2024-40239
JSON object : View
Products Affected
hitbytes
- life
CWE