CVE-2021-27491

EUVD-2021-14245
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,The Ypsomed mylife Cloud discloses password hashes during the registration process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
ypsomedmylife
𝑥
< 1.7.5
ypsomedmylife_cloud
𝑥
< 1.7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01
https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01