CVE-2022-40703

MEDIUM Year: 2022
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-302
View all →

Vulnerability Description

CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App version 5.17.1-754993421 and prior on Android allows an unauthenticated attacker with physical access to the Android device containing the app to bypass application authentication and alter information in the app.

Related Vulnerabilities

CVE-2024-47086

HIGH
CVSS:6.5(Medium)

This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vu...

CWE-3022024

CVE-2024-8475

MEDIUM
CVSS:6.5(Medium)

Authentication Bypass by Assumed-Immutable Data vulnerability in Digital Operation Services WiFiBurada allows Manipulating User-Controlled Variables.This issue affects WiFiBurada: before 1.0.5.

CWE-3022024

CVE-2022-2503

MEDIUM
CVSS:6.7(Medium)

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads cu...

CWE-3022022

CVE-2021-1561

MEDIUM
CVSS:5.4(Medium)

A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthor...

CWE-3022021

CVE-2023-47127

MEDIUM
CVSS:5.4(Medium)

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.examp...

CWE-3022023

CVE-2024-3462

MEDIUM
CVSS:5.4(Medium)

Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for ...

CWE-3022024