CVE-2021-3179 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 23%

Common Weakness Enumeration

CWE-522 - Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References

https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone

https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m

https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8

https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone

https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m

https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8